last executing test programs: 21.537346193s ago: executing program 3 (id=5224): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc4) 20.555106579s ago: executing program 3 (id=5229): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f0000000240)={[{@resuid}, {@jqfmt_vfsv1}, {@dax_inode}, {@dax_never}, {@minixdf}]}, 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") r0 = open(&(0x7f0000000040)='./bus\x00', 0x64842, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x8) 18.006224984s ago: executing program 3 (id=5241): r0 = socket$inet6(0xa, 0x805, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec) 16.226744403s ago: executing program 3 (id=5250): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001a00010000000000000000001c14"], 0x24}}, 0x0) 14.904662623s ago: executing program 3 (id=5255): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x84, @remote, 0x4e23, 0x1, 'sh\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x200000001, 'ovf\x00'}, 0x2c) 13.740259298s ago: executing program 3 (id=5259): r0 = io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xb}) r1 = io_uring_setup(0x96b, &(0x7f00000003c0)={0x0, 0xf0f1, 0x8, 0x2, 0x0, 0x0, r0}) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x18, &(0x7f0000000000), 0x1) 8.651980352s ago: executing program 4 (id=5278): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) recvmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f00000027c0)=[{0x0}, {&(0x7f0000000680)=""/44, 0x2c}, {0x0}, {0x0}], 0x4}, 0xfabe}, {{0x0, 0x0, &(0x7f0000003ac0)=[{&(0x7f0000003940)=""/253, 0xfd}], 0x1}, 0x7895b09b}], 0x2, 0x7e39b3be554888e6, 0x0) 7.595240291s ago: executing program 2 (id=5280): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003900)=ANY=[@ANYBLOB="240000001600010a001800000002000000000000040000000c000b"], 0x24}}, 0x0) 7.158708705s ago: executing program 4 (id=5282): r0 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)='a', 0x1, 0x0}) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r0, 0xc01064ac, &(0x7f0000000200)={r1, 0x0, 0x0}) 7.106615783s ago: executing program 2 (id=5283): r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x200, 0x2) ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f0000000000)=0x3) ioctl$USBDEVFS_CLEAR_HALT(r0, 0x80045515, &(0x7f0000000040)={0x1, 0x1}) 6.591588558s ago: executing program 0 (id=5284): r0 = syz_open_dev$rtc(&(0x7f0000000000), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) close(r0) 6.164148329s ago: executing program 2 (id=5285): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x20108c0, &(0x7f0000006580)=ANY=[@ANYBLOB='discard,iocharset=cp855,nodiscard,uid=', @ANYRESHEX=0x0, @ANYRES64=0x0], 0xfe, 0x612b, &(0x7f0000006700)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0bER09FbG2vr9aLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAChNVVVVJ33MP5M+33fb7hQAMBX59b9K8vJTX//6n2/9ZZb6o1ar1Wr1FOqmarx7zSIiNpq3qd8zOBwPACfMRnzcdhdokfyL1o+IJ9ruBDDTOm13gGOxtb2+2kn5dpqvB8u77flckH35b3QeXN8xaXqQ0XNMpvX42oxePDOhPwtT6sMsyfl3R/O/tts+TOsdd/7TMin/4e6lT8XJ+fdG8x9xevLvjs2/VDn//iPl35M/AAAAAADMsPz//0stH/+dO/qmHMonHf9dnlIfAAAAAAAAAOBxO+r4fw8Y/w8AAABmVv1Zvfabp/aWTfoutnr51U7EkyPrA4VJF8sstt0PAAAAAAAAAAAAAChJf/cc3qudiEFEPLm4WFVV/dM0Wj+qo97+pCt9+6FkbT/JAwDAro+eGrmWvxMxHxFX03f9DRYXF6tqfmGxWqwW5vL72eHcfLXQ+Fybp/WyueEh3hD3h1X9y+Ybt2s66PPyQe2jv6++r2HVO0THHpNB+mtOaG4pbABIdl+NtrwinTJV9fSkNx+wj/3/FFqKpbYfV8y+th+mAAAAwPGrqqrqpK/zPpOO+Xfb7hQAMBX59X/0uMCR6u6E9ojH8/vVarVarVZ/qrqpGu9es4iIjeZt6vcMhuMHgBNmIz5uuwu0SP5F60fEc213AphpnbY7wLHY2l5f7aR8O83XgzS+ez4XZF/+G52d2+Xbj5seZPQck2k9vjajF89M6M+zU+rDLMn5d0fzv7bbPkzrHXf+0zIp/+HOJXPlyfn3RvMfcXry747Nv1Q5//4j5d+TPwAAAAAAzLD8//9Ljv/mTQYAAAAAAACAE2dre301X/eaj/9/bsx6rv88nXL+nUfNfyHNy/9Ey/l3R/L/8sh6vcb8/Tf39v9/b6+v/v7Ovz6bp4fNfy7PdNIjq5MeEZ10T51+mh5l6x62OegN63sadLq9fjrnpxq8EzfiZqzFhX3rdtPfY699ZV973dPBvvaL+9r7D7Vf2tc+SN87UC3k9nOxGj+Jm/H2TnvdNnfA9s8f0F4d0J7z73n+L1LOv9/4qfNfTO2dkWnt/ofdh/b75nTc/bxx4/O/vHD8m3Ogzeg92LamevvOttCfnb/JE8P42e21W+fuXr9z59ZKpMm+pRcjTR6znP9g52du7/n/hd32/Lzf3F/vfzh85PxnxWb0J+b/QmO+3t6Xpty3NuT8h+kn5/92ah+//5/k/Cfv/y+30B8AAAAAAAAAAAAAAAD4JFVV7Vwi+kZEXE7X/7R1bSYAMF359b9K8nK1Wq1Wq9Wnr26qxnu9WUTEX5u3qd8z/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpi213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+cWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOPPx8743Ocmjf99Nh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5P98Y77zO/8zI8OsljP86OuZ9CXL+ZxuP5zr/L42s18y/+u3M5b9x2BU3o7sv//N33vvp+dvvf/DKjfeuv7v27tqPL62sXLh0+fKVK1fOv3Pj5tqF3X+Pp9czIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn93vyL0vOP3/2kX9Zcv4vpVr+Zcn5fyXV8i/L1vb6XJ3/y6mWf1ny/v/VVMu/LDn/V1It/7Lk/M+lWv5lyfmfT/Uh8vf18KdIzj8f4bL/lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30G8DN7sdcOIQZCcFIDa8cY4yzZ9SW+0LqYcG2AUiCh0Au2612bBd/w2iVQJJsGSiSMiiqqph/aAkJtpKrCqvhAK0rzoerlU9N+oF8qqkpIjaoQBVSktqLZaua87+uZ2dmZXe94PXve309K/t6dM3POnHlndp+1nx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2dY3z3y+VhRF/b/G/zYVxYvqf94wvqnxuTfc6iMEAAAAVur/Gv9//o70iSNLuFLTNn/3qn/85vz8/HzxweHfHf3y/Hy6YLwoRtcXReOy6Nq/f6jWvE3wWDFWG2r6eKjH7od7XD7S4/LRHpev63H5+h6Xj/W4fMEJWGBD+fOYxo1tb/xxU3lKizuL0cZl2ztc67Ha+qGh+LOchlrjOvOjJ4vZ4nQxU0y1bF9uW2ts/+2t9X29o4j7Gmra15b6Cvnhp0/EY6iFc7y9ZV/XbzP6wZuK8R/98NMn/vjis3d3mj1PQ8vtlce5c1v9OD8bPlMea61Yn85JPM6hpuPc0uExGW45zlrjevU/tx/n80s8zuHrh7mq2h/zsWKo8eenG+dppPnHeuk8bQmf++97i6K4cv2w27dZsK9iqNjY8pmh64/PWLki67dRX0ovLUaWtU63LmGd1uf09tZ12v6ciI//1nC9kUWOoflh+sFn1i143Je7TqP6vV7sudK+Bvv9XBmUNRjXxdONO/14xzW4Pdz/T+9YfA12XDsd1mC6301rcFuvNTi0brhxzOlBqDWuc30N7m7Zfrixp1pjPrOj+xqcvHjm/OTcJz/1+tkzx0/NnJo5u3f37qm9+/cfPHhw8uTs6Zmp8v83eLYH38ZiKD0HtoVzF58Dr23btnmpzn+1f8/DsS7Pw01t2/b7eTjSfudqq/OEXLimy+fGw/WTPnZ1qFjkOdZ4fHat/HmY7nfT83Ck6XnY8WtKh+fhyBKeh/Vtzu9a2vcsI03/dTqGm/W1YFPTGmz/fqR9Dfb7+5FBWYNjYV38667FvxZsCcf7+MRyvx8ZXrAG090Nrz31z6Tv98cONkandXlP/YLb1hWX5mYu3P/o8YsXL+wuwlgVL2taK+3rdWPTfSoWrNehZa/XI7OvevyeDp/fFM7V2Ovr/xtb9LGqb7Pv/u6PVeOrW+fz2fLZPUUYfbba57PTV/P6+UxZssv5rG/z2cmVfy+ecmnT6+/oIq+/Mfe/UO4v3dRjw6Mj5fN3OJ2d0ZbX49aHaqTx2lVr7Pv5yaW9Ho+G/1b79fjOLq/Hm9u27ffr8Wj7nYuvx7VeP+1YmfbHcyysk9NT3V+P69ts3rPcNTnS9fX43jBr4fy/LiSFlIua1s5i6zbta2RkNNyvkbiH1nW6t2X70ZDN6vt6cs+NrdOd95a3NZzu3XWrtU7H27bt9zpNr1eLrdNar5++3Zj2x3MsrIs793Zfp/Vtntq38tfODfGPTa+d63qtwdHhdfVjHk2LsHy9n98Q1+D9xYniXHG6mG5cuq6xnmqNfU08sLQ1uC78t9qvlZu7rMGdbdv2ew2mr2OLrb3ayMI73wftj+dYWBdPPNB9Dda3ecuB/n7vujN8Jm3T9L1r+8/XFvuZ1z1tp+lm/syrfpx/c6D7z2br25w+uNyc2f083Rc+c1uH89T+/F3sOTVdrM552hyO89mDi5+n+vHUt/nyoSWupyNFUVz++IONn/eGv1/580vf/WbL37t0+judyx9/8LnbT/7tco4fgLXvhXJsLL/WNf3N1FL+/h8AAABYE2LuHwozkf8BAACgMmLuj/8qPJH/AQAAoDJi7h8JM8kk/29+y7OzL1wuUjN/PoiXp9PwULld7LhOhY/H56+rf/7Br8/8+C8vL23fQ0VR/OSh3+i4/eaH4nGVxsNxXntr6+cXXvHykvZ/7JHr2zX3178Sbj/en6Uug04V3KmiKL59xxcb+xn/0NXGfOqhY435viuPP1bf5vlD5cfx+s+8rNz+D0L598jJ4y3Xfyach++HOfXOzucjXu8bV1+35cAHru8vXq+27cWNu/3Eh8vbjb8n50uPldvH87zY8f/VF578Rn37R1/T+fgvD3U+/ifD7X49zP95Zbl982NQ/zhe73Ph+OP+4vXu/9p3Oh7/tc+X259/W7ndsTDj/neGj7e/7dnZ5vP1aO14y/0q3l5uF/c/9d3fblweby/efvvxjx292nI+2tfHU/9c3s5k2/bx83E/0V+07b9+O83rM+7/yd861nKee+3/2vueeWX9dtv3f1/bdsNt12//jU1/+LkvdtxfPJ4jf3a+5f4ceW94Hof9P/HhsB7D5f977Yst+42Ovbf19Sdu/5VNl1vuT/SOH5X7v/bGU435H+M//v3bXnT7i6+8un7uiuLp95e312v/p/7oXMvxf/WuXY3HI14eO/rt+19M3P+FT0ycPTd3aXa66aw2fnfOu8rjWT+2YWP9eO8Ir63tHx89d/EjMxfGp8animK8ur9C74Z9LcznynFludff9Uh4PO/5vW9v3PFPX4if/5eHy89ffWf5deu1Ybsvhc9vKh+/+doK9//E1rsaz+/aU+XHLT32Ptiy/T8PLmnDcP/bvy+I6/38yz/SOA/1yxpfN+LzeoXH/73p8na+Fc7rfPjNzNvuur6/5u3j70a4+v7y+b7i8xde5uLj+ifh8X7398vbj8cV7+/3wvcx39nc+noX18e3Lg+1337jt3hcCa8nxZXy8rhVPN9Xn7+r4+HF30NSXLm78fHvpNu5e1l3czFzn5ybPD179tKjkxdn5i5Ozn3yU0fPnLt09uLRxu/yPPrRXte//vq0sfH6ND2zf18xtaEoinPF1Cq8YN2c46//aWnHf/6RE9MHpnZMz5w8funkxUfOz1w4dWJu7sTM9NyO4ydPznyi1/Vnpw/v3nNo74E9E6dmpw8fPHRo76GJ2bPn6odRHlQP+6c+NnH2wtHGVeYO7zu0+4EH9k1NnDk3PXP4wNTUxKVe1298bZqoX/vXJy7MnD5+cfbMzMTc7KdmDu8+tH//np6/DfDM+ZNz45MXLp2dvDQ3c2GyvC/jFxufrn/t63V9qmnu38rvZ9vVyl/EV7znvv3p97PWff0zi95UuUnbLxB9Nvwumn94yfmDS/k45v7RMJNM8j8AAADkIOb+dWEm8j8AAABURsz968NM5H8AAACojJj7x8JMMsn/+v/6/0vr/5eX6//n1f8///GyV7rW+/+xP6//n4db3P9f8f71//X/q9f/X3p/fq0fv/6//j8LDVr/P+b+DUWRZf4HAACAHMTcvzHMRP4HAACAyoi5/7YwE/kfAAAAKiPm/heFmWSS//X/l9T/39OrcFX9/r/3/9f/L9Zm/z8+OPr/2Vh2//4DD7d8qP8f6P/r/+v/6//r/7Nio4tecqv6/zH33x5mkkn+BwAAgBzE3P/iMBP5HwAAACoj5v47wkzkfwAAAKiMmPs3hZlkkv/1/73/v/6//n+l+/8rff//poPR/18bvP9/d/r/Pdxw/39M/38t9v9H+3v8g93/73n4+v/cFIP2/v8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzPMJJP8r/+v/6//r/+v/995/73f/7/8k/7/YNH/707/vwfv/59X/7/Pxz/Y/f9+v///6Fvbr6//TyeD1v+Puf/lYSaZ5H8AAADIQcz9d4WZyP8AAABQGTH3vyLMRP4HAACAyoi5f3OYSSb5X/9f/1//X/9f/7/z/nv3/0v6/4NF/787/f8e9P/1//X/l9b/7/DNr/4/nQxa/z/m/rvDTDLJ/wAAAJCDmPvvCTOR/wEAAKAyYu7/qTAT+R8AAAAqI+b+LWEmmeR//X/9f/3/vPr/963T/9f/rzb9/+70/3vQ/9f/1/9f4vv/L7Sc/v/6XjdGZQxa/z/m/leGmWSS/wEAACAHMfe/KsxE/gcAAIDKiLn/1WEm8j8AAABURsz942EmmeR//f9q9f//9K+feHWh/6//32P/Fe3/x2Wg/585/f/u9P970P/X/9f/X5X+P/kYtP5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xtmIv8DAABAZcTcvz3MJJP8r/9frf5/pP+v/99t/xXt/yf6/3nT/++g6Umq/9+D/r/+f/b9//jdr/4//TFo/f+Y+18TZpJJ/gcAAIAcxNy/I8xE/gcAAIDKiLn/tWEm8j8AAABURsz9O8NMMsn/+v/6//r/+v/6/533r/+/Nun/d7fc/v86/X/9f/3/zPr/3v+f/hq0/n/M/a8LM8kk/wMAAEAOYu7fFWYi/wMAAEBlxH+/Wf67V/kfAAAAqijm/okwk0zyv/6//n9O/f+a/r/+v/5/5en/d+f9/3vQ/9f/1//X/6evBq3/H3P/68NMMsn/AAAAkIOY++8PM5H/AQAAoDJi7p8MM5H/AQAAoDJi7p8KM8kk/+v/6//n1P/3/v/6//r/1af/353+fw/6//r/Vev/F4X+P7fUoPX/Y+7fHWaSSf4HAACAHMTcvyfMRP4HAACAyoi5f2+YifwPAAAAlRFz/74wk0zyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//X7X+v/f/5xYbtP5/zP0PhJlkkv8BAAAgBzH37w8zkf8BAACgMmLuPxBmEvJ/p3/XDQAAAKwtMfcfDDPJ5O//9f8r0v//zb9v2bf+v/5/t/33p/+/Qf8/TP3/wVLR/n/70+KG6f/3oP+v/6//r/9PXw1a/z/m/kNhJpnkfwAAAMhBzP1vCDOR/wEAAKAyYu7/6TAT+R8AAAAqI+b+nwkzyST/6/9XpP/fRv9f/7/b/r3/v/5/lVW0/983ler/D+n/6/8P1vHr/+v/s9DN7//HPy2t/x9z/+Ewk0zyPwAAAOQg5v6fDTOR/wEAAKAyYu5/Y5iJ/A8AAACVEXP/kTCTTPK//r/+v/6//v/N6f+/sWg3iP3/+uLR/68W/f/uKtX/9/7/+v8Ddvz6//r/LDRo7/8fc/+bwkwyyf8AAACQg5j7Hwwzkf8BAACgMmLuf3OYifwPAAAAlRFz/1vCTDLJ//r/+v/6//r/3v+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/1vDTDLJ/wAAAJCDmPvfFmYi/wMAAEBlxNz/9jAT+R8AAAAqI+b+d4SZZJL/9f/1//X/9f/1/zvvX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/Mff/XJhJJvkfAAAAchBz/0NhJvI/AAAAVEbM/e8MM5H/AQAAoDJi7n9XmEkm+V//X/9f/1//X/+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/7vDTDLJ/wAAAJCDmPt/PsxE/gcAAIDKiLn/PWEm8j8AAABURsz9vxBmkkn+1//X/x+s/v/85ebr6f/r/xf96v/Xr6T/nwX9/+70/3vo0P9fr/+v/6//r//PDRu0/n/M/e8NM8kk/wMAAEAOYu5/X5iJ/A8AAACVEXP/+8NM5H8AAACojJj7Hw4zyST/6/9n2f9Pd3nw+v/e/1//3/v/6/+vjP5/d/r/PXj/f/1//X/9f/pq0Pr/Mfc/EmaSSf4HAACAHMTc/4EwE/kfAAAAKiPm/l8MM5H/AQAAoDJi7v9gmEkm+V//P8v+/wC//3/V+v8jLesjp/7/WNPjmdal/r/+/yrQ/+9O/78H/X/9/0Hu/4fVvGGR6+v/M4gGrf8fc/+Hwkwyyf8AAACQg5j7fynMRP4HAACAyoi5/5fDTOR/AAAAqIyY+38lzCST/K//r/+v/+/9/73/f+f96/+vTfr/3en/96D/r/8/yP3/HvT/GUSD1v+Puf9Xw0wWDX7P/dcS7iYAAAAwQGLu/3CYSSZ//w8AAAA5iLn/aJiJ/A8AAACVEXP/sTCTTPK//n97/z++o6r+v/6//r/+v/7/WtS//v8rbi8K/X/9f/1//X/9f/1/VmLQ+v8x9x8PM8kk/wMAAEAOYu7/tTAT+R8AAAAqI+b+E2Em8j8AAABURsz902EmmeT/W9j/Hx3M/r/3/7/R/v9P9P/1/wP9/870/1eH9//vTv+/B/1//X/9f/1/+mrQ+v8x98+EmWSS/wEAAKDC0o+DY+4/GWYi/wMAAEBlxNx/KsxE/gcAAIDKiLn/I2EmmeR/7/+v/+/9/29F/3+kZXv9/5L+v/5/P+j/d6f/34P+v/6//r/+P301aP3/mPtnw0wyyf8AAACQg5j7PxpmIv8DAABAZcTc/7EwE/kfAAAAKiPm/tNhJpnkf/1//f/c+/+1orji/f/1/zvtX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/MfefCTPJJP8DAABADmLuPxtmIv8DAABAZcTcfy7MRP4HgP9n7y6aJDuvPA7naKSG1cxHmPWsZjmz0nwEb71zhNeOMMgMksxsy8wgMzOTzMzMMjPKKDuiHao+53RXV/a9DdlV977neTbH3aFyZqlTcvxd8YsLADCM3P13j1ua7H/9v/6/e/+/OZLn/+//6/X/p+n/9f+7cKC/v3r7X3e+KPy8/f///O91d9H/6//1/5P0//p//T/nWlr/n7v/HnFLk/0PAAAAHeTuv2fcYv8DAADAMHL33ytusf8BAABgGLn7r4tbmux//b/+X/+v/9/X/9+i/9f/r5vn/0/T/8/Q/+v/9f/6f3Zqaf1/7v57xy1N9j8AAAB0kLv/PnGL/Q8AAADDyN1/37jF/gcAAIBh5O6/X9zSZP/r//X/+v+19P/HPP//nO9H/6//30b/P03/P0P/r//X/+v/2aml9f+5++8ftzTZ/wAAANBB7v4HxC32PwAAAAwjd/8D4xb7HwAAAIaRu/9BcUuT/a//1//r/9fS/x/S8//1//r/lbt5c+bfCfr/g/T/M2b6/81G/z/lgvv57d/eet7/eej/9f8ctLT+P3f/g+OW/99sjl3qNwkAAAAsSu7+h8QtTX7+DwAAAB3k7r8+brH/AQAAYBi5+2+IW5rsf/2//l//r//X/29/ff3/Onn+/7TL7///+z/vdte+/b/n/0/z/P9d9/93fDL0/6zb0vr/3P03xi1N9j8AAAB0kLv/oXGL/Q8AAADDyN3/sLjF/gcAAIBh5O5/eNzSZP/r/0fr//9939ed1f/v1S76f/2//l//Pzr9/zTP/5+x96+5k/VL/b/+3/P/9f9cnqX1/7n7HxG3NNn/AAAA0EHu/kfGLfY/AAAADCN3/6PiFvsfAAAAhpG7/9FxS5P9r/8frf/f/3We/6//3/b6+n/9/8j0/9P0/zNGef7/JX5qjrqfv1xH/f71//p/Dlpa/5+7/zFxS5P9DwAAAB3k7n9s3GL/AwAAwDBy9z8ubrH/AQAAYBi5+x8ftzTZ//p//f86+v98Bf2//v/K9/9J/79O+v9p+v8Zo/T/l+io+/m1v3/9v/6fg5bW/+fuf0Lc0mT/AwAAQAe5+58Yt9j/AAAAMIzc/U+KW+x/AAAAGEbu/ifHLU32v/5f/7+O/t/z//X/nv+v/78w+v9p+v8Z+n/9v/5f/89OLa3/z91/U9zSZP8DAABAB7n7nxK32P8AAAAwjNz9T41b7H8AAAAYRu7+p8UtTfa//l//r//X/+v/t7++/n+d9P/T9P8z9P/6f/2//p+dWlD/f9ZXndg8PW5psv8BAACgg9z9z4hb7H8AAAAYRu7+Z8Yt9j8AAAAMI3f/s+KWJvtf/7+Y/n8v5xur/z+52Wz0/5um/f/Js/4863Op/9f/HwL9/zT9/wz9v/5f/6//Z6cW1P/v/Tp3/7Pjlib7HwAAADrI3f+cuMX+BwAAgGHk7n9u3GL/AwAAwDBy9z8vbmmy//X/i+n/94zV/3v+/7mfj079v+f/H6T/Pxz6/2n6/xn6f/2//l//z04trf/P3f/8uOnYNZf8LQIAAAALk7v/BXFLk5//AwAAQAe5+18Yt9j/AAAAsFI3Hfid3P0vilua7H/9/277/2Nn/Z7+X/9/7udD/6//1/9fefr/afr/Gfp//b/+X//PTi2t/8/d/+K4pcn+BwAAgA5y998ct9j/AAAAMIzc/S+JW+x/AAAAGEbu/pfGLU32v/7f8//1//p//f/219f/r5P+f5r+f4b+X/9/tP3/8TP/Uf/PGC6i/z916tT1V7z/z93/srilyf4HAACADnL3vzxusf8BAABgGLn7XxG32P8AAAAwjNz9r4xbmux//X/T/j8/6uvq/2/YbPT/+n/9v/5/mv5/mv5/hv5f/+/5//p/dmppz//P3f+quKXJ/gcAAIAOcve/Om6x/wEAAGAYuftfE7fY/wAAADCM3P2vjVua7H/9f9P+3/P/9f/6/8Pu/2/f6P8PxSr6/5Pnf/2l9/836v/1/xPa9f93+r99v9T/6/85aGn9f+7+18UtTfY/AAAAdJC7//Vxi/0PAAAAw8jd/4a4xf4HAACAYeTuf2PcdHWT/a//1//r//X/+v/tr3/Iz/8/ttls9P87sIr+f8LS+//dPP//3H/Kz9D/6//X/P71//p/Dlpa/5+7/01xS5P9DwAAAB3k7n9z3GL/AwAAwDBy978lbrH/AQAAYBi5+98atzTZ//p//b/+X/8/fP9/4yr6f8//3xH9/7Rl9P/np//X/6/5/ev/9f9cuKPq/3P3vy1uabL/AQAAoIPc/W+PW+x/AAAAGEbu/nfELfY/AAAADCN3/zvjlib7X/+v/7+Y/j/fp/5/rP7/+OL6/xP7/vuaPP9f/78j+v9p+v8Z+n/9v/7/Jv0/u7S05//n7n9X3NJk/wMAAEAHufvfHbf+r1v7HwAAAIaRu/89cYv9DwAAAMPI3f/euKXJ/tf/6/89/1//P/zz//X/rej/p+n/Z+j/9f/6f8//Z6eW1v/n7n9f3NJk/wMAAEAHufvfH7fY/wAAADCM3P0fiFvsfwAAABhG7v5b4pYm+1//r//X/+v/9f+n/wz1/2PQ/087nP7/pP5f/1/9/L/FPwX6f/3/3NczpqX1/7n7Pxi3NNn/AAAA0EHu/g/FLfY/AAAADCN3/4fjFvsfAAAAVunqLb+Xu/8jcUuT/a//1//r//X/+v/tr6//X6cj6f/zQ6H/9/z/0Kf//699v1rb8//P/d8v/b/+n91bWv+fu/+jcUuT/Q8AAAAd5O7/WNxi/wMAAMAwcvd/PG6x/wEAAGAYufs/Ebc02f/6f/2//l//r//f/vr6/3Xy/P9p+v8Z+v8jfX7+2t+//l//z0FL6/9z938ybmmy/wEAAKCD3P2filvsfwAAABhG7v5Pxy32PwAAAAxjb/dnXNZw/+v/9f/6f/2//n/76+v/10n/P03/P0P/r//X/+v/2aml9f+f2fuqE5vPxi1N9j8AAAB0kLv/c3GL/Q8AAADDyN3/+bjF/gcAAIBh5O7/QtzSZP/r//X/6+j/T506db3+X/+///s50//fqv+n6P+n6f9n6P/1//p//T87tbT+P3f/F+OWJvsfAAAAOsjd/6W4xf4HAACAYeTu/3LcYv8DAADAMHL3fyVuabL/9f8L6P9P6P89/1//v/H8f/3/juj/p+n/Z4zY/5+48G//qPv5y3XU71//r//noKX1/7n7vxq3NNn/AAAA0EHu/q/FLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P9r/8/vP7/jr93XZ7/f3Kz/f3r//X/+n/9/5Wm/5+m/58xYv9/EY66n1/7+9f/6/85aGn9f+7+b8Yt+4ffNRf3XQIAAABLkrv/W3FLk5//AwAAQAe5+78dt9j/AAAAMIzc/d+JW5rsf/3/Ap7/P2D/7/n/2z8f+v9F9/9X6f/HoP+fpv+fof/X/+v/d9T/56dZ/9/d0vr/3P3fjVua7H8AAADoIHf/9+IW+x8AAACGkbv/+3GL/Q8AAADDyN1/a9xy1v7f1naPQv+v/9f/6//1/9tfX/+/Tvr/aRfa/x/fXF7/n/T/+n/9f9f+3/P/OW1p/X/u/h/ELX7+DwAAAKtzzXl+P3f/D+MW+x8AAACGkbv/R3GL/Q8AAADDyN3/47jltquO6i0dKv2//l//r//X/29/ff3/Oun/p3n+/wz9/y76+Wv1/2P0/5uN/p/Lt7T+P3f/T+IWP/8HAACAYeTu/2ncYv8DAADAMHL3/yxusf8BAABgGLn7fx63NNn/+n/9/2X2/3tppv7/NP3/afr/7fT/h0P/P03/P0P/7/n/+n/P/2enltb/5+7/RdzSZP8DAABAB7n7fxm32P8AAAAwjNz9v4pb7H8AAAAYRu7+X8ctTfb/kfX/8bda/7/6/t/z//X/+n/9/6Lo/6fp/2fo//X/+n/9Pzu1tP4/d/9v4pYm+x8AAAA6yN3/27jF/gcAAIBh5O7/Xdxi/wMAAMAwcvf/Pm5psv89/1//r//X/+v/t7++/n+d9P/T9P/b1R+U/l//r//X/7NTS+v/c/f/IW5psv8BAACgg9z9f4xb7H8AAAAYRu7+2+IW+x8AAACGkbv/T3FLk/2v/9f/6//1//r/7a+v/18n/f+0o+z/7/wf8y/r+f9H3v/nW9D/6//1/+zE0vr/3P1/jlua7H8AAADoIHf/X+IW+x8AAACGkbv/r3GL/Q8AAADDyN3/t7ilyf6f6f+P11+o/5+k/9///vX/2z8f+n/9v/7/ytP/T/P8/xn6f8//1//r/9mppfX/ufv/Hrc02f8AAADQQe7+2+MW+x8AAACGkbv/H3GL/Q8AAADDyN3/z7ilyf73/P819f/X6v/1//p//b/+f4b+f5r+f4b+X/+v/9f/s1NL6/9z9/8rAAD//z66VbA=") 6.008161088s ago: executing program 0 (id=5286): syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000040)='./file1\x00', 0x80c406, &(0x7f0000000800)=ANY=[@ANYBLOB="646f74732c646f747300646d61736b3d30303030303030303003994db69d6fadd9febb9b326973636172642c0166733d6e6f7374066c655f726f2c6769643db0a274b54a903862b1d491a0644fd032adf103782b3e6ab9bb8b7d5a2e568a8781052c1f78a90d525fbffbbe712b3588cd20fd6b4fa30f99796b63d0000200006bf7964f30b515830fe521179cb856fcec51525e76986850e3c2079c07811902047009a8bd311ec4398a92a06f061a5a0ba1eb2b3db991e65cb55232662ecb874cb1ea47734fd6c56b06c03f20235fad7299622ac7c70fbb5466c8f69e506f15f9048273682c4abdddc8cbc849980b03000000000000000000000063e0c97554c132b6effff3b3e0c109c72f794db4da27b9108716f1877464f58d22d0ea6e75321d887a6a375c5cf8cce358a8df2720e76ce466c78c7901cc6071bc2eafaa394d4290e95d4db56b59ed5d9bd10d94b075a7ace6d3f19993baa452ececc39f61cc383b51b627ad3b736c045f8c784b64531d7535f784998dee85b80f515bdeba72caeb00c76ae7cb06986d7e9f9fec03b990c1fc56d5161ae3c622a649f9f95781dd32bc8e4090861fcad6bed6a3be33f3602b136695e7543543b93f62312f5387cd4c6d1aa22271ec1be39d675c08f44ed601b6c8fbf92f448158194570618bfd504dfd0ff459eff7bc34e453816efefe372fcecc66f0956afbe155f1f53d0eff4872d6921804209e82af2ed0a588b8ebbef33bbbc3d495d110acf1a753", @ANYRES64=0x0, @ANYRES64], 0xff, 0x2a9, &(0x7f0000000540)="$eJzs3M9rE0EUwPGX3TabVvrjJOjFh170stR4VMEoLYgBJe2KehC2dKshMSm7QRMRzNlT/47i0Zsg/gO9+wd4K4L01JMrTTbrJqYVa0w0+X6g7My8nXZmXwtvCpu9B9vPSpuBvenWxMioGCJNORBZlKJ0pKJrutVOx+NyPStNubT0fP/N6sNHd3L5/HJBdSW3diWrqvPnPrx49fb8x9qp++/mLUt2Fx/vfc1+3j29e2bv29rTYqDFQCvVmrq6Xq3W3PWypxvFoGSr3it7buBpsRJ4fld8s1zd2mqoW9mYm93yvSBQt9JQQxpaq2omWlVFbdvWudnDdkYmSPq3Zzg7hYKb6xuaqCc33nw/55oiMvNTTp2d0awIAACM0tH1vxHf06n/jd76X+QX9f/r6K759wOv/02J6/+S16r/a35D3SduMVn/41jOjSPr/2MYf2cx+BOpZqJzsyvk+7mZ/pOo/wEAAAAAAAAAAAAAAAAAAAAA+B8chOFCGIYLh1dDRMKob4mImej3mcob4mMgmf8w8WVFCT4m/xgDiRf3MiJfmnWn7qRa13Z85XZ+eUlbEi/+7dfrjhnHL7fj2h2fltkonu0bT8vFC+34YezW3Xwyvl13ZmSjZ61mV685yMcAAAAAAMBYszW2GA9mJD7f27Za0htvnd9bjSkR6fx/oOd8PyVnp4a4EQAAAAAAcKSg8bLklsueP5yGOcSfdeKGyMmmXw2tgSzDFJHEiBWlKnlPYVVkcFtOy0m33NOwxOusdriJ+5Qb/a/NcBrXBvYNw5RIe2Q6ylnPXwEAAACA8fLjPDDqlQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMLmG8dFlo94jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8K/4HgAA///iILNY") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1) 5.781532283s ago: executing program 4 (id=5287): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000140)={0x0, 0x2000bb22, 0x2, {0x1, @raw_data="3d924b827139e8a4ec01eb92492ff84715d1a004d08b012a7cafe27a5f313d31bbdae5b411ca5be6bfe92437ed0d21b5180e375be56b3b9306d7dbb26bf9f22de7ac7681cca450055250217bdf1113b4258293ba4efed32147bda8454dd115bd5ba066ba06f2854cc96db9a98055cbde9fd084a1223ada91ed2e832907a01ab5ee65f997b617f73d1aa5a6dfc47acdc5eb834f8e448469d235e4380cbcc331c96177b67caa0656f9664277cadb8597e7d911ad1da457ef9744b0993c57a700"}}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000000c0)=@userptr={0x0, 0x1, 0x4, 0xd08b012a, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "f1439fae"}, 0x0, 0x2, {0x0}}) 5.275549271s ago: executing program 1 (id=5288): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000080)="18", 0x10, 0xf, &(0x7f00000000c0)={0x11, 0xe, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 5.041180897s ago: executing program 0 (id=5289): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000080), &(0x7f00000003c0), 0xffffffffffffff57, 0x0) 4.152972081s ago: executing program 1 (id=5290): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @none, 0x0, 0x2}, 0xe) 4.107736985s ago: executing program 4 (id=5291): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @random="c5f9772bb146", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x10}}}}}}}, 0x0) 4.027401045s ago: executing program 0 (id=5292): syz_mount_image$romfs(&(0x7f0000000140), &(0x7f0000000280)='./file0\x00', 0x208008, &(0x7f0000000000)=ANY=[], 0x80, 0x14e, &(0x7f0000000e40)="$eJzs2r9Kw0AcB/AfWBE6OjoFKlHQ/Ne66ljcfIPQ5tLgxZREkPYFxElQOAdfQvAJfISMbroI+hKRmKMmUWxRIR2+n+W+8Gvvfr0rN50WR6HFEo1oe3R19LIaR6HSdfb6zGIuFXpEpOQhzbIbnb54mtbTjPRvPtCs9bdi7Gz64vCCBdyzm24JAAAAAAAAAAAAAAAAAAAAAADmpLZlaA9FeM4C7lmlajKeHLuce3HSUHuNUxX5houY4Lf5/jiV+tYrkbqfp0AcxHndrH7/WoaNoeDP9f01TsORkYwnWhC6vud7J7btdM0d09y1jY+5jPqM6p3sidLs3tQpk6b10nuzx3nem8nzb60F4vKsvtrn+SMg/DX0WvhH/S4s0UK0UQozbpXWzHtnUbSXi3Gw4nQe8vtP70d8IIv/u2dyJaqWmvrhAPCz9wAAAP//MKk80A==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@desc={0x4000, 0x0, @auto="b8f92416074d3848"}}) 3.475886363s ago: executing program 2 (id=5293): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001800)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8}, @NFTA_NG_DREG={0x8}, @NFTA_NG_TYPE={0x8}]}}}]}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, '\"'}]}], {0x14}}, 0x8c}}, 0x0) 3.136346709s ago: executing program 1 (id=5295): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1002, 0x0, 0x12, r0, 0x2000) 3.080760634s ago: executing program 0 (id=5296): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x1) 2.881223394s ago: executing program 4 (id=5297): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8}, @ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL={0x8}]}, 0x3c}}, 0x0) 2.354300646s ago: executing program 1 (id=5298): r0 = socket$inet6(0xa, 0x80003, 0xa) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close(r0) 1.911180768s ago: executing program 0 (id=5299): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file0\x00', 0xa00a14, &(0x7f0000000080)=ANY=[], 0x1, 0x335, &(0x7f0000000480)="$eJzs3c9LI2cYwPEnP4xJxEwOpaWF4kt7aXsYNO25EIpCaaCiplQLhVEnbcg0kUywpJRqT72W/ge99CAevQnd/Qe87G33spe9eVnYw8oiO0smMzr5qTuaja7fD8i8k+d9Ju9LYnjekJk5/v7vXyolWy8ZDYkmlURERE5EshIVX8TbRt12QoJ25dOpZw8/XF5d+yZfKMwvKbWQX/k8p5TKzPz/6+8pr9vhpBxlfzx+mnty9O7R+8cvV34u26psq2qtoQy1XnvcMNYtU22W7Yqu1KJlGrapylXbrLfjtXa8ZNW2tprKqG5Op7fqpm0ro9pUFbOpGjXVqDeV8ZNRripd19V0WkQmpVui55G7rLi3tGTkQyZvXPNgENYLx3GGhJ1I3oiJSKonUtwb6bgAAMCN1FX/x9ySPlT9Lxm3/m91Pq//9z+635j67iDj1f+HiX71/xeP2sfqqP+TInLl+j8o2Wf2vRXRrbfzOp2vVP/jZpjpXdNGOvai9byR9v5/XX/+sD/rNqj/AQAAAAAAAAAAAAAAAAAAAAC4DU4cR3McR/O33t9n5z3aj41zjBidAa+/NumdMeXvj3ucGI3l1TVJuifuxTMi1l/bxe1ie+vF/Y6zosmp+37wtNr+mUeqJSv3rB0vf2e7GHMj+ZKUxRJT5kSTbHe+4yx8XZifU21e/tmJeulgfk40ead/fq4z33v+hHzycSBfF00ebEhNLNlsva9PnbP8P+aU+urbQld+yu0HAAAAAMDbQFeqtQweuH7XdeXrirfzz9bXnd8PiATW57N91+dx7YP4eOcOAAAAAMBdYTd/qxiWZdaHNFJycZ/wjXi49IlhfWKBGXaEZHfglBPeFYJHN9MhDf+HFJVEIJSUf71f4fRmxS48sj//0Yw5KmGyZsTxbslylWf3vzYa1EcWR/16xQeE3vvnv+fhjhzxrtobDH15kLxgpiNrTFzqw8OJXcMnEAAAAIA3xS/6U7a7G7lkWr+b6QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJCGXAYsfl2XExv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICb4lUAAAD//2sRAKU=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x103042, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x505da283, 0x5}) 1.43692492s ago: executing program 1 (id=5300): r0 = gettid() r1 = syz_open_dev$sndctrl(&(0x7f00000012c0), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0xfffffffe}, 0x3, 0x0, 0x42, r0, 0x1, 0x0, 'syz0\x00', &(0x7f0000001300)=['!\x00'], 0x2}) 1.385422581s ago: executing program 4 (id=5301): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1) name_to_handle_at(r0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002380)=ANY=[], &(0x7f0000000080), 0x0) 904.164994ms ago: executing program 2 (id=5302): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={0x18, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x18}}, 0x0) 462.870331ms ago: executing program 1 (id=5303): r0 = socket(0x10, 0x3, 0x0) recvmmsg$unix(r0, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f00000008c0)=""/200, 0xc8}, {&(0x7f0000000640)=""/249, 0xf9}, {&(0x7f0000004480)=""/4098, 0x1002}, {&(0x7f0000000740)=""/82, 0x52}, {&(0x7f0000011040)=""/116, 0x74}, {&(0x7f0000000300)=""/25, 0x19}, {&(0x7f00000009c0)=""/233, 0xe9}, {&(0x7f0000000b40)=""/127, 0x7f}], 0x8}}], 0x1, 0x0, 0x0) write(r0, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000080000000000", 0x14) 0s ago: executing program 2 (id=5304): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000000)=0x4, 0x4) kernel console output (not intermixed with test programs): 8][ T10] kye 0003:0458:5017.005A: unknown main item tag 0x0 [ 1184.944591][ T10] kye 0003:0458:5017.005A: unknown main item tag 0x0 [ 1184.952229][ T10] kye 0003:0458:5017.005A: unknown main item tag 0x0 [ 1184.959596][ T10] kye 0003:0458:5017.005A: unknown main item tag 0x0 [ 1185.033027][T14753] sp0: Synchronizing with TNC [ 1185.107292][ T10] kye 0003:0458:5017.005A: hidraw0: USB HID v0.00 Device [HID 0458:5017] on usb-dummy_hcd.4-1/input0 [ 1185.119415][ T10] kye 0003:0458:5017.005A: tablet-enabling feature report not found [ 1185.128473][ T10] kye 0003:0458:5017.005A: tablet enabling failed [ 1185.223579][ T10] usb 5-1: USB disconnect, device number 32 [ 1186.241926][T10603] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 1186.483307][T10603] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1186.494964][T10603] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1186.505317][T10603] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00 [ 1186.514850][T10603] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1186.599965][T10603] usb 3-1: config 0 descriptor?? [ 1186.803861][T14769] loop4: detected capacity change from 0 to 64 [ 1187.112203][T10603] lua 0003:1E7D:2C2E.005B: unknown main item tag 0x6 [ 1187.119362][T10603] lua 0003:1E7D:2C2E.005B: item fetching failed at offset 3/5 [ 1187.224352][T10603] lua 0003:1E7D:2C2E.005B: parse failed [ 1187.230519][T10603] lua 0003:1E7D:2C2E.005B: probe with driver lua failed with error -22 [ 1187.355982][ T10] usb 3-1: USB disconnect, device number 24 [ 1187.886218][T14778] [U] [ 1188.199885][T14777] loop0: detected capacity change from 0 to 2048 [ 1188.418516][T14777] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1188.532781][T14785] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3948'. [ 1188.888608][T14790] loop4: detected capacity change from 0 to 64 [ 1189.601620][T11174] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 1189.671843][ T29] audit: type=1326 audit(1726300985.707:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14797 comm="syz.1.3954" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb65c17def9 code=0x0 [ 1189.842725][T11174] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1189.854345][T11174] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1189.864756][T11174] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1189.878431][T11174] usb 3-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00 [ 1189.888146][T11174] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1189.967656][T11174] usb 3-1: config 0 descriptor?? [ 1190.480039][T11174] zeroplus 0003:0C12:0030.005C: unknown main item tag 0x0 [ 1190.510327][T11174] zeroplus 0003:0C12:0030.005C: hidraw0: USB HID v0.00 Device [HID 0c12:0030] on usb-dummy_hcd.2-1/input0 [ 1190.533937][T11174] zeroplus 0003:0C12:0030.005C: no inputs found [ 1190.744335][T11174] usb 3-1: USB disconnect, device number 25 [ 1191.674294][ T29] audit: type=1326 audit(1726300987.677:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14817 comm="syz.4.3965" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3d0357def9 code=0x0 [ 1191.791541][T14825] loop2: detected capacity change from 0 to 256 [ 1191.830748][T14825] exfat: Deprecated parameter 'namecase' [ 1192.111437][T14825] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 1192.337624][ T29] audit: type=1800 audit(1726300988.357:93): pid=14825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3966" name="bus" dev="loop2" ino=1048998 res=0 errno=0 [ 1192.365215][ T29] audit: type=1800 audit(1726300988.357:94): pid=14825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3966" name="bus" dev="loop2" ino=1048998 res=0 errno=0 [ 1193.232927][T14838] program syz.3.3967 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1194.551001][T14854] loop4: detected capacity change from 0 to 256 [ 1195.243327][T14865] loop2: detected capacity change from 0 to 512 [ 1195.367232][T14868] loop4: detected capacity change from 0 to 512 [ 1195.470898][T14874] loop0: detected capacity change from 0 to 256 [ 1195.503093][T14865] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1195.516630][T14865] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1195.590110][T14868] EXT4-fs error (device loop4): __ext4_iget:4985: inode #15: block 1803188595: comm syz.4.3986: invalid block [ 1195.679199][T14868] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.3986: couldn't read orphan inode 15 (err -117) [ 1195.745937][T14868] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1196.173977][T13103] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1196.228681][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1196.592427][T14870] loop1: detected capacity change from 0 to 4096 [ 1196.627365][T14870] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 1196.893483][T14870] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1197.019612][T14887] loop0: detected capacity change from 0 to 1024 [ 1197.037427][T14870] ntfs3: loop1: ino=1e, "file1" failed to parse mft record [ 1197.046116][T14870] ntfs3: loop1: ino=1e, "file1" attr_set_size [ 1197.107614][T14887] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1197.363631][ T5240] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 1197.541859][T14287] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1197.641653][ T5240] usb 3-1: Using ep0 maxpacket: 32 [ 1197.671220][ T5240] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1197.689640][ T5240] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1197.702102][ T5240] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1197.711758][ T5240] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1197.770694][ T5240] usb 3-1: config 0 descriptor?? [ 1197.814637][ T5240] hub 3-1:0.0: USB hub found [ 1198.125043][ T5240] hub 3-1:0.0: config failed, can't read hub descriptor (err -90) [ 1198.376030][ T5240] usbhid 3-1:0.0: can't add hid device: -71 [ 1198.383031][ T5240] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1198.453668][ T5240] usb 3-1: USB disconnect, device number 26 [ 1199.024641][T14909] netlink: 'syz.3.4002': attribute type 1 has an invalid length. [ 1199.033231][T14909] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4002'. [ 1201.085492][T14938] loop0: detected capacity change from 0 to 16 [ 1201.114619][T14938] erofs: (device loop0): mounted with root inode @ nid 36. [ 1201.223569][T14938] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance 0 @ lcn 0 of nid 36 [ 1201.235168][T14938] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 0 of nid 36 [ 1201.713585][T14947] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4021'. [ 1202.415473][T14961] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4027'. [ 1202.780972][T14962] loop0: detected capacity change from 0 to 2048 [ 1202.868674][T14962] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1204.221883][T14983] futex_wake_op: syz.4.4038 tries to shift op by 144; fix this program [ 1204.366085][T14986] loop0: detected capacity change from 0 to 256 [ 1204.466717][T14987] loop2: detected capacity change from 0 to 256 [ 1204.635672][T14986] FAT-fs (loop0): Directory bread(block 64) failed [ 1204.650207][T14986] FAT-fs (loop0): Directory bread(block 65) failed [ 1204.659751][T14986] FAT-fs (loop0): Directory bread(block 66) failed [ 1204.666883][T14986] FAT-fs (loop0): Directory bread(block 67) failed [ 1204.674113][T14986] FAT-fs (loop0): Directory bread(block 68) failed [ 1204.680938][T14986] FAT-fs (loop0): Directory bread(block 69) failed [ 1204.688248][T14986] FAT-fs (loop0): Directory bread(block 70) failed [ 1204.695297][T14986] FAT-fs (loop0): Directory bread(block 71) failed [ 1204.702451][T14986] FAT-fs (loop0): Directory bread(block 72) failed [ 1204.709305][T14986] FAT-fs (loop0): Directory bread(block 73) failed [ 1205.432309][T14998] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4044'. [ 1205.708082][T15003] loop1: detected capacity change from 0 to 64 [ 1205.867157][T15003] PM: Enabling pm_trace changes system date and time during resume. [ 1205.867157][T15003] PM: Correct system time has to be restored manually after resume. [ 1206.298256][T15012] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4051'. [ 1206.308791][T15012] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4051'. [ 1206.546059][T15008] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4047'. [ 1207.093653][ T10] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 1207.341676][ T10] usb 3-1: Using ep0 maxpacket: 8 [ 1207.372636][ T10] usb 3-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 1207.382208][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1207.390536][ T10] usb 3-1: Product: syz [ 1207.395277][ T10] usb 3-1: Manufacturer: syz [ 1207.400153][ T10] usb 3-1: SerialNumber: syz [ 1207.474295][ T10] usb 3-1: config 0 descriptor?? [ 1207.504044][ T10] radio-usb-si4713 3-1:0.0: Si4713 development board discovered: (10C4:8244) [ 1208.256057][ T10] radio-usb-si4713 3-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 1208.268013][ T10] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 1208.342867][ T10] usb 3-1: USB disconnect, device number 27 [ 1208.587987][T15037] program syz.0.4063 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1212.386390][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 1212.393460][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 1212.690906][T15071] loop1: detected capacity change from 0 to 1024 [ 1212.792678][T15071] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 1213.001255][T15071] hfsplus: xattr searching failed [ 1214.535043][T15084] loop2: detected capacity change from 0 to 64 [ 1216.644674][ T10] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 1216.881732][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 1216.959087][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1216.970694][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1216.981061][ T10] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1216.994565][ T10] usb 4-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 1217.004473][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1217.092000][ T5240] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 1217.101479][ T10] usb 4-1: config 0 descriptor?? [ 1217.370112][ T5240] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 1217.379907][ T5240] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 895 [ 1217.390358][ T5240] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 2 [ 1217.495195][ T5240] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice= 0.00 [ 1217.505087][ T5240] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1217.514012][ T5240] usb 2-1: SerialNumber: syz [ 1217.575228][ T5240] usb 2-1: config 0 descriptor?? [ 1217.584270][T15094] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1217.662918][T15094] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1217.716021][ C1] port100 2-1:0.0: NFC: Urb failure (status -71) [ 1217.724139][ C1] port100 2-1:0.0: NFC: Urb failure (status -71) [ 1217.781028][ T5240] port100 2-1:0.0: NFC: Could not get supported command types [ 1217.791563][T15106] loop0: detected capacity change from 0 to 16 [ 1217.818212][T15106] erofs: (device loop0): mounted with root inode @ nid 36. [ 1217.918491][ T5240] usb 2-1: USB disconnect, device number 31 [ 1217.982456][ T10] ryos 0003:1E7D:31CE.005D: unknown main item tag 0x0 [ 1217.989685][ T10] ryos 0003:1E7D:31CE.005D: unbalanced delimiter at end of report description [ 1218.016028][ T10] ryos 0003:1E7D:31CE.005D: parse failed [ 1218.022492][ T10] ryos 0003:1E7D:31CE.005D: probe with driver ryos failed with error -22 [ 1218.302884][ T5240] usb 4-1: USB disconnect, device number 33 [ 1218.961651][T15114] loop2: detected capacity change from 0 to 2048 [ 1219.175884][T15114] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1219.750661][T11053] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 1219.834311][T11053] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 1219.847245][T11053] EXT4-fs (loop2): This should not happen!! Data will be lost [ 1219.847245][T11053] [ 1219.857510][T11053] EXT4-fs (loop2): Total free blocks count 0 [ 1219.863908][T11053] EXT4-fs (loop2): Free/Dirty block details [ 1219.870075][T11053] EXT4-fs (loop2): free_blocks=66060288 [ 1219.876175][T11053] EXT4-fs (loop2): dirty_blocks=16 [ 1219.881662][T11053] EXT4-fs (loop2): Block reservation details [ 1219.887917][T11053] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 1220.075121][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1220.424928][T15133] syz.0.4108 (15133): drop_caches: 4 [ 1220.583905][T15138] netlink: 'syz.1.4109': attribute type 4 has an invalid length. [ 1220.592377][T15138] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4109'. [ 1221.485582][T15144] loop2: detected capacity change from 0 to 2048 [ 1221.554250][T15144] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1221.662549][T15152] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1221.682654][T15144] syz.2.4112: attempt to access beyond end of device [ 1221.682654][T15144] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 1223.013337][T15167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4122'. [ 1223.022817][T15167] netlink: 26 bytes leftover after parsing attributes in process `syz.0.4122'. [ 1223.505950][T11053] bridge_slave_1: left allmulticast mode [ 1223.512264][T11053] bridge_slave_1: left promiscuous mode [ 1223.518983][T11053] bridge0: port 2(bridge_slave_1) entered disabled state [ 1223.617948][T11053] bridge_slave_0: left allmulticast mode [ 1223.624142][T11053] bridge_slave_0: left promiscuous mode [ 1223.630933][T11053] bridge0: port 1(bridge_slave_0) entered disabled state [ 1224.388137][T15179] loop0: detected capacity change from 0 to 2048 [ 1224.592245][T11053] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1224.676962][T11053] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1224.688240][T15179] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1224.729596][T11053] bond0 (unregistering): Released all slaves [ 1225.009478][ T29] audit: type=1800 audit(1726301021.017:95): pid=15179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4128" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 1225.047438][T15179] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 1225.676368][T15192] loop1: detected capacity change from 0 to 256 [ 1225.781251][T15192] exfat: Deprecated parameter 'namecase' [ 1225.820710][T14287] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1225.960520][T11053] hsr_slave_0: left promiscuous mode [ 1225.962342][T15192] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf794f3fa, utbl_chksum : 0xe619d30d) [ 1226.074940][T11053] hsr_slave_1: left promiscuous mode [ 1226.124597][T11053] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1226.132616][T11053] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1226.259048][T11053] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1226.267272][T11053] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1226.409208][T11053] veth1_macvtap: left promiscuous mode [ 1226.415449][T11053] veth0_macvtap: left promiscuous mode [ 1226.421756][T11053] veth1_vlan: left promiscuous mode [ 1226.427388][T11053] veth0_vlan: left promiscuous mode [ 1227.665122][T11053] team0 (unregistering): Port device team_slave_1 removed [ 1227.763363][T11053] team0 (unregistering): Port device team_slave_0 removed [ 1228.895420][T15219] loop2: detected capacity change from 0 to 1024 [ 1229.077285][T15219] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1229.090227][T15219] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1229.412014][ T29] audit: type=1800 audit(1726301025.437:96): pid=15219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4145" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 1229.764636][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1230.921724][T15252] loop4: detected capacity change from 0 to 512 [ 1230.943970][T15252] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1231.007718][T15252] EXT4-fs error (device loop4): __ext4_get_inode_loc:4436: comm syz.4.4159: Invalid inode table block 0 in block_group 0 [ 1231.023576][T15252] EXT4-fs (loop4): get root inode failed [ 1231.029522][T15252] EXT4-fs (loop4): mount failed [ 1231.608727][T15241] loop2: detected capacity change from 0 to 4096 [ 1233.551784][T15289] loop2: detected capacity change from 0 to 1024 [ 1233.662083][T15289] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1233.786622][T15289] overlayfs: conflicting options: metacopy=off,verity=on [ 1233.979711][T15301] loop0: detected capacity change from 0 to 1024 [ 1233.999670][T15301] EXT4-fs: Ignoring removed oldalloc option [ 1234.042494][T15301] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1234.243959][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1234.474001][T14287] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1235.543037][T11174] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 1235.781612][T11174] usb 5-1: Using ep0 maxpacket: 16 [ 1235.799725][T11174] usb 5-1: config 0 has an invalid interface number: 4 but max is 0 [ 1235.808581][T11174] usb 5-1: config 0 has no interface number 0 [ 1235.815240][T11174] usb 5-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1235.826772][T11174] usb 5-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1235.837161][T11174] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 1235.846721][T11174] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1235.933766][T11174] usb 5-1: config 0 descriptor?? [ 1236.762541][ T5240] usb 5-1: USB disconnect, device number 33 [ 1237.182526][T15339] [U] VÔ3¸ÂFÙ¾"WÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«= [ 1237.192529][T15339] [U] J"—E:ÀÆ" [ 1238.330641][T15358] loop4: detected capacity change from 0 to 256 [ 1238.473187][T15360] loop1: detected capacity change from 0 to 128 [ 1238.484812][T15360] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1238.596008][T15358] FAT-fs (loop4): Directory bread(block 64) failed [ 1238.603491][T15358] FAT-fs (loop4): Directory bread(block 65) failed [ 1238.610513][T15358] FAT-fs (loop4): Directory bread(block 66) failed [ 1238.617711][T15358] FAT-fs (loop4): Directory bread(block 67) failed [ 1238.624950][T15358] FAT-fs (loop4): Directory bread(block 68) failed [ 1238.632024][T15358] FAT-fs (loop4): Directory bread(block 69) failed [ 1238.646049][T15358] FAT-fs (loop4): Directory bread(block 70) failed [ 1238.654999][T15358] FAT-fs (loop4): Directory bread(block 71) failed [ 1238.662242][T15358] FAT-fs (loop4): Directory bread(block 72) failed [ 1238.669082][T15358] FAT-fs (loop4): Directory bread(block 73) failed [ 1239.958139][T15364] loop2: detected capacity change from 0 to 4096 [ 1240.011740][T15364] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 1240.197061][T15364] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 1240.343870][T15380] sp0: Synchronizing with TNC [ 1241.322012][T11174] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 1241.521707][T11174] usb 5-1: Using ep0 maxpacket: 16 [ 1241.536148][T11174] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 1241.544937][T11174] usb 5-1: config 0 has no interface number 0 [ 1241.551512][T11174] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1241.562937][T11174] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1241.628381][T11174] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1241.638549][T11174] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1241.647258][T11174] usb 5-1: Product: syz [ 1241.651803][T11174] usb 5-1: SerialNumber: syz [ 1241.673923][T11174] usb 5-1: config 0 descriptor?? [ 1241.693873][T11174] cm109 5-1:0.8: invalid payload size 0, expected 4 [ 1241.703882][T11174] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input27 [ 1242.054139][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.061890][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.069553][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.085023][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.092768][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.100478][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.108200][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.115919][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.123641][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.131328][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.215306][T11174] usb 5-1: USB disconnect, device number 34 [ 1242.215547][ C0] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 1242.272348][T11174] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1244.062396][T15420] (syz.4.4232,15420,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 1244.079343][T15420] (syz.4.4232,15420,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 1244.227168][T11174] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 1244.369730][T15422] loop1: detected capacity change from 0 to 128 [ 1244.473832][T15422] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1244.504675][T15422] ext4 filesystem being mounted at /231/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1244.573824][T11174] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1244.591137][T11174] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1244.603282][T11174] usb 4-1: New USB device found, idVendor=056a, idProduct=030a, bcdDevice= 0.00 [ 1244.613224][T11174] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1244.715732][T11174] usb 4-1: config 0 descriptor?? [ 1244.715865][T15422] EXT4-fs error (device loop1): ext4_validate_inode_bitmap:106: comm syz.1.4233: Corrupt inode bitmap - block_group = 0, inode_bitmap = 19 [ 1245.115796][T11084] Bluetooth: hci0: command 0x0406 tx timeout [ 1245.167746][T12886] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1245.667317][T11174] wacom 0003:056A:030A.005F: hidraw0: USB HID v0.00 Device [HID 056a:030a] on usb-dummy_hcd.3-1/input0 [ 1245.719013][T15441] loop0: detected capacity change from 0 to 256 [ 1245.946044][T11174] usb 4-1: USB disconnect, device number 34 [ 1246.181987][T15441] FAT-fs (loop0): Directory bread(block 64) failed [ 1246.188985][T15441] FAT-fs (loop0): Directory bread(block 65) failed [ 1246.196226][T15441] FAT-fs (loop0): Directory bread(block 66) failed [ 1246.203367][T15441] FAT-fs (loop0): Directory bread(block 67) failed [ 1246.210425][T15441] FAT-fs (loop0): Directory bread(block 68) failed [ 1246.224071][T15441] FAT-fs (loop0): Directory bread(block 69) failed [ 1246.231077][T15441] FAT-fs (loop0): Directory bread(block 70) failed [ 1246.240126][T15441] FAT-fs (loop0): Directory bread(block 71) failed [ 1246.247288][T15441] FAT-fs (loop0): Directory bread(block 72) failed [ 1246.254291][T15441] FAT-fs (loop0): Directory bread(block 73) failed [ 1246.465489][T15448] loop2: detected capacity change from 0 to 1024 [ 1250.589027][T15512] autofs: Bad value for 'fd' [ 1250.671647][T11174] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 1251.007543][T11174] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1251.019550][T11174] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1251.036046][T11174] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1251.051553][T11174] usb 4-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00 [ 1251.061034][T11174] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1251.144158][T11174] usb 4-1: config 0 descriptor?? [ 1251.284510][T15520] loop4: detected capacity change from 0 to 64 [ 1251.419678][ T29] audit: type=1800 audit(1726301047.434:97): pid=15520 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4279" name="file2" dev="loop4" ino=19 res=0 errno=0 [ 1251.702869][ T5240] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 1251.795809][T15524] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4281'. [ 1251.921831][ T5240] usb 2-1: Using ep0 maxpacket: 8 [ 1251.939412][ T5240] usb 2-1: config 1 has an invalid interface number: 8 but max is 2 [ 1251.956771][ T5240] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1251.973037][ T5240] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1251.984190][ T5240] usb 2-1: config 1 has no interface number 0 [ 1252.075542][ T5240] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1252.085435][ T5240] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1252.093916][ T5240] usb 2-1: Product: syz [ 1252.098369][ T5240] usb 2-1: Manufacturer: syz [ 1252.103465][ T5240] usb 2-1: SerialNumber: syz [ 1252.211750][T10603] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 1252.414245][T11174] betop 0003:11C2:2208.0060: hidraw0: USB HID v0.00 Device [HID 11c2:2208] on usb-dummy_hcd.3-1/input0 [ 1252.426274][T11174] betop 0003:11C2:2208.0060: no inputs found [ 1252.472416][T10603] usb 3-1: Using ep0 maxpacket: 8 [ 1252.512939][ T5194] Bluetooth: hci6: unknown advertising packet type: 0x14 [ 1252.513111][ T5194] Bluetooth: hci6: unknown advertising packet type: 0x20 [ 1252.522179][ T5194] Bluetooth: hci6: unknown advertising packet type: 0x08 [ 1252.529747][ T5194] Bluetooth: hci6: Malformed LE Event: 0x02 [ 1252.599263][ T5240] usb 2-1: cannot find UAC_HEADER [ 1252.630669][T10603] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1252.642338][T10603] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1252.652664][T10603] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 1252.666774][T10603] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 1252.681685][T10603] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1252.705098][ T5240] snd-usb-audio 2-1:1.8: probe with driver snd-usb-audio failed with error -22 [ 1252.742842][T10603] usb 3-1: config 0 descriptor?? [ 1252.795352][ T5240] usb 2-1: USB disconnect, device number 32 [ 1252.820360][ T5270] usb 4-1: USB disconnect, device number 35 [ 1253.248752][T10603] sony 0003:054C:0268.0061: unknown main item tag 0x6 [ 1253.256191][T10603] sony 0003:054C:0268.0061: item fetching failed at offset 17/70 [ 1253.339413][T10603] sony 0003:054C:0268.0061: parse failed [ 1253.350022][T10603] sony 0003:054C:0268.0061: probe with driver sony failed with error -22 [ 1253.507000][T10603] usb 3-1: USB disconnect, device number 28 [ 1254.292124][T15546] loop4: detected capacity change from 0 to 16 [ 1254.373959][T15546] erofs: (device loop4): mounted with root inode @ nid 36. [ 1257.968629][T15601] loop2: detected capacity change from 0 to 512 [ 1258.013375][T15601] EXT4-fs (loop2): filesystem is read-only [ 1258.025349][T15601] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 1258.077453][T15601] EXT4-fs (loop2): filesystem is read-only [ 1258.083898][T15601] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1258.152602][T15601] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4318: bg 0: block 64: padding at end of block bitmap is not set [ 1258.156958][T15609] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4319'. [ 1258.214826][T15608] netlink: 'syz.0.4321': attribute type 3 has an invalid length. [ 1258.225824][T15608] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.4321'. [ 1258.255525][T15601] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 1258.266514][T15601] EXT4-fs (loop2): 1 orphan inode deleted [ 1258.274675][T15601] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1258.679851][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1258.801028][ T29] audit: type=1400 audit(1726301054.784:98): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=15613 comm="syz.1.4323" [ 1258.910034][T15611] loop4: detected capacity change from 0 to 2048 [ 1259.045323][T15611] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1259.488193][T15623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4328'. [ 1259.547795][T11174] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 1259.791707][T11174] usb 2-1: Using ep0 maxpacket: 16 [ 1259.807816][T11174] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1259.819398][T11174] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1259.829788][T11174] usb 2-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00 [ 1259.844793][T11174] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1259.914772][T11174] usb 2-1: config 0 descriptor?? [ 1260.102492][T15632] Invalid architecture in ELF header: 0 [ 1260.436210][T11174] chicony 0003:04F2:1421.0062: item fetching failed at offset 3/5 [ 1260.508115][T11174] chicony 0003:04F2:1421.0062: Chicony hid parse failed: -22 [ 1260.516387][T11174] chicony 0003:04F2:1421.0062: probe with driver chicony failed with error -22 [ 1260.640266][T10603] usb 2-1: USB disconnect, device number 33 [ 1261.290212][T15643] netlink: 'syz.4.4338': attribute type 2 has an invalid length. [ 1261.611966][ T5240] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 1261.703665][T15650] loop1: detected capacity change from 0 to 512 [ 1261.744864][T15650] EXT4-fs: Ignoring removed oldalloc option [ 1261.831026][T15650] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 1261.850098][T15650] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.4341: invalid indirect mapped block 2683928664 (level 1) [ 1261.865859][ T5240] usb 3-1: Using ep0 maxpacket: 8 [ 1261.915373][ T5240] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 223, changing to 11 [ 1261.927423][ T5240] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1261.937850][ T5240] usb 3-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00 [ 1261.947352][ T5240] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1261.951039][T15650] EXT4-fs (loop1): 1 truncate cleaned up [ 1261.964084][T15650] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1261.970088][ T5240] usb 3-1: config 0 descriptor?? [ 1262.051613][ T5243] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 1262.170785][T15650] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.4341: Invalid block bitmap block 3 in block_group 0 [ 1262.285779][ T5243] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1262.303587][ T5243] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1262.315970][ T5243] usb 5-1: New USB device found, idVendor=048d, idProduct=ce50, bcdDevice= 0.00 [ 1262.325500][ T5243] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1262.407269][ T5243] usb 5-1: config 0 descriptor?? [ 1262.520683][T12886] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1262.550893][ T5240] hid-alps 0003:044E:1215.0063: unknown main item tag 0x0 [ 1262.558800][ T5240] hid-alps 0003:044E:1215.0063: item fetching failed at offset 2/5 [ 1262.585676][ T5240] hid-alps 0003:044E:1215.0063: parse failed [ 1262.593414][ T5240] hid-alps 0003:044E:1215.0063: probe with driver hid-alps failed with error -22 [ 1262.892564][ T5240] usb 3-1: USB disconnect, device number 29 [ 1262.961026][ T5243] asus 0003:048D:CE50.0064: unknown main item tag 0xd [ 1263.043533][ T5243] asus 0003:048D:CE50.0064: hidraw0: USB HID v0.00 Device [HID 048d:ce50] on usb-dummy_hcd.4-1/input0 [ 1263.056001][ T5243] asus 0003:048D:CE50.0064: Asus input not registered [ 1263.090783][ T5243] asus 0003:048D:CE50.0064: probe with driver asus failed with error -12 [ 1263.272333][ T5240] usb 5-1: USB disconnect, device number 35 [ 1264.983746][T15668] loop0: detected capacity change from 0 to 4096 [ 1265.116668][T15683] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1265.259769][T15684] loop2: detected capacity change from 0 to 1024 [ 1265.377599][T15680] netlink: 'syz.3.4353': attribute type 30 has an invalid length. [ 1265.608395][T11084] Bluetooth: hci5: command 0x0405 tx timeout [ 1265.801543][T15686] loop4: detected capacity change from 0 to 1024 [ 1265.968227][T15686] hfsplus: bad catalog entry type [ 1265.976377][T15688] loop0: detected capacity change from 0 to 128 [ 1266.008353][T15688] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 1266.106324][T15690] loop2: detected capacity change from 0 to 256 [ 1266.156603][T15690] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1266.156702][T15690] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 1266.244492][T15690] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe563dbae, utbl_chksum : 0xe619d30d) [ 1266.248116][ T3209] hfsplus: b-tree write err: -5, ino 4 [ 1266.709917][ T29] audit: type=1326 audit(1726301062.704:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15694 comm="syz.4.4361" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d0357def9 code=0x0 [ 1267.258899][T15702] loop1: detected capacity change from 0 to 64 [ 1267.290277][T15701] IPv6: NLM_F_REPLACE set, but no existing node found! [ 1268.006259][T15708] mkiss: ax0: crc mode is auto. [ 1268.406621][T15712] loop2: detected capacity change from 0 to 1024 [ 1268.855476][ T5243] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 1268.932890][T15724] cgroup: No subsys list or none specified [ 1269.057496][T11174] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 1269.093220][ T5243] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1269.103013][ T5243] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1269.167933][ T5243] usb 5-1: config 0 descriptor?? [ 1269.196543][ T5243] cp210x 5-1:0.0: cp210x converter detected [ 1269.333872][T11174] usb 4-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255 [ 1269.347428][T11174] usb 4-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0 [ 1269.371477][T11174] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1269.382451][T11174] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1269.396150][T11174] usb 4-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 1269.406069][T11174] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1269.488822][T11174] usb 4-1: config 0 descriptor?? [ 1269.544451][T11174] usb-storage 4-1:0.0: USB Mass Storage device detected [ 1269.602978][T11174] usb-storage 4-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 1269.740796][T15732] loop0: detected capacity change from 0 to 256 [ 1269.902003][ T5243] cp210x 5-1:0.0: failed to get vendor val 0x370c size 73: -71 [ 1269.909928][ T5243] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 1269.933079][ T5243] usb 5-1: cp210x converter now attached to ttyUSB0 [ 1269.945516][ T5243] usb 5-1: USB disconnect, device number 36 [ 1269.963031][ T5243] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1269.972495][ T5243] cp210x 5-1:0.0: device disconnected [ 1270.134100][T11174] usb 4-1: USB disconnect, device number 36 [ 1271.568022][T15755] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4389'. [ 1272.172931][T15763] hugetlbfs: Bad value '%' for mount option 'nr_inodes' [ 1272.172931][T15763] [ 1272.521064][T15769] loop2: detected capacity change from 0 to 256 [ 1273.719059][T15781] loop2: detected capacity change from 0 to 2048 [ 1273.795253][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 1273.802193][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 1273.958326][T15781] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1274.472627][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1276.287815][T15822] netlink: 84 bytes leftover after parsing attributes in process `syz.1.4420'. [ 1277.371965][ T5270] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 1277.594129][ T5270] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 1277.603741][ T5270] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1277.612350][ T5270] usb 2-1: Product: syz [ 1277.619625][ T5270] usb 2-1: Manufacturer: syz [ 1277.627519][ T5270] usb 2-1: SerialNumber: syz [ 1277.734941][ T5270] usb 2-1: config 0 descriptor?? [ 1277.789755][ T5270] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 1277.909500][T15840] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4430'. [ 1278.098571][T15846] overlayfs: conflicting options: userxattr,redirect_dir=follow [ 1278.471082][ T5270] gspca_sunplus: reg_r err -71 [ 1278.485654][ T5270] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 1278.532895][ T5270] usb 2-1: USB disconnect, device number 34 [ 1279.436763][T15861] loop4: detected capacity change from 0 to 256 [ 1279.521660][T15861] exfat: Deprecated parameter 'codepage' [ 1279.527701][T15861] exfat: Bad value for 'codepage' [ 1279.645226][T15861] netlink: 'syz.4.4438': attribute type 32 has an invalid length. [ 1279.653675][T15861] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4438'. [ 1280.090407][T15865] netlink: 'syz.0.4441': attribute type 12 has an invalid length. [ 1280.099113][T15865] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4441'. [ 1280.772327][ T5243] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 1281.003736][ T5243] usb 5-1: Using ep0 maxpacket: 8 [ 1281.052381][ T5243] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 1281.063898][ T5243] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1281.075345][ T5243] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1281.085721][ T5243] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 1281.099405][ T5243] usb 5-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 1281.108937][ T5243] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1281.260645][ T5243] usb 5-1: config 0 descriptor?? [ 1281.866760][ T5243] kye 0003:0458:5010.0065: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 1281.893403][ T5243] kye 0003:0458:5010.0065: unknown main item tag 0x0 [ 1281.900667][ T5243] kye 0003:0458:5010.0065: unknown main item tag 0x0 [ 1281.908658][ T5243] kye 0003:0458:5010.0065: unknown main item tag 0x0 [ 1281.915964][ T5243] kye 0003:0458:5010.0065: unknown main item tag 0x0 [ 1281.923705][ T5243] kye 0003:0458:5010.0065: unknown main item tag 0x0 [ 1281.930786][ T5243] kye 0003:0458:5010.0065: unknown main item tag 0x0 [ 1281.938068][ T5243] kye 0003:0458:5010.0065: unknown main item tag 0x0 [ 1282.175375][ T5243] kye 0003:0458:5010.0065: hidraw0: USB HID v0.00 Device [HID 0458:5010] on usb-dummy_hcd.4-1/input0 [ 1282.186882][ T5243] kye 0003:0458:5010.0065: tablet-enabling feature report not found [ 1282.195463][ T5243] kye 0003:0458:5010.0065: tablet enabling failed [ 1282.288489][ T5243] usb 5-1: USB disconnect, device number 37 [ 1282.927391][T15890] loop0: detected capacity change from 0 to 8 [ 1283.180282][T15890] SQUASHFS error: xz decompression failed, data probably corrupt [ 1283.195141][T15890] SQUASHFS error: Failed to read block 0x108: -5 [ 1283.203794][T15890] SQUASHFS error: Unable to read metadata cache entry [106] [ 1283.212084][T15890] SQUASHFS error: Unable to read inode 0x0 [ 1284.052237][T15906] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1284.064704][T15906] overlayfs: missing 'lowerdir' [ 1284.112763][T15907] netlink: 'syz.0.4460': attribute type 2 has an invalid length. [ 1284.120930][T15907] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4460'. [ 1285.062472][T15917] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4466'. [ 1285.209239][T15919] loop1: detected capacity change from 0 to 256 [ 1285.378245][T15919] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1285.457426][T15922] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4468'. [ 1285.492575][T15921] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4468'. [ 1286.655942][T15936] netlink: 'syz.4.4474': attribute type 1 has an invalid length. [ 1288.244599][ T29] audit: type=1326 audit(1726301084.214:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15943 comm="syz.0.4476" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5ee5b7def9 code=0x0 [ 1288.578228][T15951] program syz.2.4479 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1289.438196][T15956] CIFS mount error: No usable UNC path provided in device string! [ 1289.438196][T15956] [ 1289.448757][T15956] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1290.299797][T15966] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4484'. [ 1290.349443][T15965] veth1_macvtap: left promiscuous mode [ 1290.360741][T15965] macsec0: entered allmulticast mode [ 1290.415315][T15970] veth1_macvtap: entered promiscuous mode [ 1290.421560][T15970] veth1_macvtap: entered allmulticast mode [ 1290.427926][T15970] macsec0: left allmulticast mode [ 1290.435677][T15970] veth1_macvtap: left allmulticast mode [ 1290.502105][T15969] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4487'. [ 1291.579158][T15985] loop0: detected capacity change from 0 to 64 [ 1291.676063][T15981] loop2: detected capacity change from 0 to 2048 [ 1291.826188][T15981] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1291.952251][T15981] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1292.347400][ T5240] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 1292.561106][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1292.646490][ T5240] usb 4-1: Using ep0 maxpacket: 8 [ 1292.791039][ T5240] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 1292.800592][ T5240] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1292.814871][ T5240] usb 4-1: Product: syz [ 1292.819362][ T5240] usb 4-1: Manufacturer: syz [ 1292.826101][ T5240] usb 4-1: SerialNumber: syz [ 1292.934074][ T5240] usb 4-1: config 0 descriptor?? [ 1292.961780][ T5240] gspca_main: sq930x-2.14.0 probing 2770:930c [ 1293.502056][T16008] loop1: detected capacity change from 0 to 256 [ 1293.572290][ T5240] gspca_sq930x: reg_r 001f failed -110 [ 1293.578470][ T5240] sq930x 4-1:0.0: probe with driver sq930x failed with error -110 [ 1294.076082][T16014] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4506'. [ 1294.794025][T16010] loop0: detected capacity change from 0 to 4096 [ 1294.880164][T16010] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 1295.315434][T16010] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 1295.457584][T10603] usb 4-1: USB disconnect, device number 37 [ 1296.275884][T16041] netlink: 'syz.0.4516': attribute type 11 has an invalid length. [ 1296.284474][T16041] netlink: 140 bytes leftover after parsing attributes in process `syz.0.4516'. [ 1296.440113][T16040] loop1: detected capacity change from 0 to 1024 [ 1296.517317][T16040] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1296.954028][T12886] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1298.244676][T16071] loop2: detected capacity change from 0 to 16 [ 1299.332974][T16089] loop2: detected capacity change from 0 to 64 [ 1299.963020][T16095] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4541'. [ 1301.024547][T16114] netlink: 84 bytes leftover after parsing attributes in process `syz.3.4545'. [ 1301.036621][T16114] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1301.653040][T16123] tmpfs: Bad value for 'mpol' [ 1302.638402][T16142] loop0: detected capacity change from 0 to 256 [ 1302.802469][T16144] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4565'. [ 1302.811797][T16144] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4565'. [ 1303.238115][T16147] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1303.863527][T16160] Bluetooth: MGMT ver 1.23 [ 1305.161902][T16177] loop0: detected capacity change from 0 to 164 [ 1305.230842][T16177] isofs: isofs_export_get_parent(): child directory not normalized! [ 1305.307628][ T25] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 1305.547898][ T25] usb 2-1: Using ep0 maxpacket: 16 [ 1305.583572][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1305.595068][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1305.605350][ T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1305.624180][ T25] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1305.638517][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1305.707567][ T25] usb 2-1: config 0 descriptor?? [ 1305.889363][T16186] loop0: detected capacity change from 0 to 128 [ 1305.975530][ T29] audit: type=1326 audit(1726301101.954:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16184 comm="syz.2.4586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1305.998927][ T29] audit: type=1326 audit(1726301101.954:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16184 comm="syz.2.4586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1306.028241][ T29] audit: type=1326 audit(1726301101.994:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16184 comm="syz.2.4586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1306.052901][ T29] audit: type=1326 audit(1726301101.994:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16184 comm="syz.2.4586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1306.217705][ T25] microsoft 0003:045E:07DA.0066: unknown main item tag 0x0 [ 1306.235613][ T25] microsoft 0003:045E:07DA.0066: unknown main item tag 0x0 [ 1306.245845][ T25] microsoft 0003:045E:07DA.0066: unknown main item tag 0x0 [ 1306.253558][ T25] microsoft 0003:045E:07DA.0066: unknown main item tag 0x0 [ 1306.261172][ T25] microsoft 0003:045E:07DA.0066: unknown main item tag 0x0 [ 1306.268885][ T25] microsoft 0003:045E:07DA.0066: unknown main item tag 0x0 [ 1306.276623][ T25] microsoft 0003:045E:07DA.0066: unknown main item tag 0x0 [ 1306.284312][ T25] microsoft 0003:045E:07DA.0066: unknown main item tag 0x0 [ 1306.500615][ T25] microsoft 0003:045E:07DA.0066: No inputs registered, leaving [ 1306.592267][ T25] microsoft 0003:045E:07DA.0066: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 1306.604280][ T25] microsoft 0003:045E:07DA.0066: no inputs found [ 1306.610909][ T25] microsoft 0003:045E:07DA.0066: could not initialize ff, continuing anyway [ 1306.706996][ T25] usb 2-1: USB disconnect, device number 35 [ 1307.583322][T16205] loop1: detected capacity change from 0 to 512 [ 1307.640345][T16205] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 1307.651136][T16205] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 1307.720168][T16205] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 1307.770097][T16199] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1307.779620][T16199] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1307.821911][T16196] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1307.828138][T16196] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 1307.837525][T16205] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 1307.887110][T16205] System zones: 0-2, 18-18, 34-34 [ 1307.904469][T16199] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 1307.911000][T16199] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 1307.920943][T16205] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 1307.985166][T16196] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1307.991781][T16196] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 1308.055480][T16205] EXT4-fs (loop1): 1 truncate cleaned up [ 1308.064529][T16205] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1308.132578][T16196] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 1308.133013][T16199] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1308.138766][T16196] Bluetooth: hci6: Error when powering off device on rfkill (-4) [ 1308.145182][T16199] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1308.316356][T16199] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1308.323096][T16199] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 1308.353159][ T25] kernel write not supported for file /353/uid_map (pid: 25 comm: kworker/1:0) [ 1308.388536][T16213] loop2: detected capacity change from 0 to 1024 [ 1308.415917][T16196] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1308.422675][T16196] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 1308.506412][T16213] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1308.522129][T16196] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1308.528340][T16196] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 1308.587681][T16213] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1308.749756][T12886] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1309.139333][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1309.517253][T16230] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check. [ 1310.244147][T16239] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4609'. [ 1312.444450][T16269] loop2: detected capacity change from 0 to 2048 [ 1312.484264][T16269] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1312.585882][T16276] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1313.212955][ T5243] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 1313.452058][ T5243] usb 4-1: Using ep0 maxpacket: 32 [ 1313.560831][ T5243] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1313.572283][ T5243] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1313.582583][ T5243] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1313.603012][ T5243] usb 4-1: New USB device found, idVendor=044f, idProduct=b65a, bcdDevice= 0.00 [ 1313.614680][ T5243] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1313.663686][T16290] loop2: detected capacity change from 0 to 512 [ 1313.693861][ T5243] usb 4-1: config 0 descriptor?? [ 1313.713224][T16290] EXT4-fs: Ignoring removed nobh option [ 1313.872721][T16290] fscrypt (loop2, inode 2): Error -61 getting encryption context [ 1313.926844][T16290] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -61 [ 1313.976672][T16290] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #13: comm syz.2.4631: casefold flag without casefold feature [ 1314.121885][T16290] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4631: couldn't read orphan inode 13 (err -117) [ 1314.186391][T16290] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1314.295044][T16300] loop0: detected capacity change from 0 to 256 [ 1314.482348][ T5243] thrustmaster 0003:044F:B65A.0067: unknown main item tag 0x0 [ 1314.488709][T16290] EXT4-fs: Ignoring removed orlov option [ 1314.533555][ T5243] thrustmaster 0003:044F:B65A.0067: hidraw0: USB HID vbc.30 Device [HID 044f:b65a] on usb-dummy_hcd.3-1/input0 [ 1314.541673][T16290] EXT4-fs error (device loop2): __ext4_remount:6491: comm syz.2.4631: Abort forced by user [ 1314.545778][ T5243] thrustmaster 0003:044F:B65A.0067: no inputs found [ 1314.597033][T16290] EXT4-fs (loop2): Remounting filesystem read-only [ 1314.605484][T16290] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none. [ 1314.729412][ T25] usb 4-1: USB disconnect, device number 38 [ 1314.855071][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1315.960184][ T5240] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 1316.189262][ T5240] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1316.201769][ T5240] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1316.212244][ T5240] usb 2-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00 [ 1316.221740][ T5240] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1316.275750][ T5240] usb 2-1: config 0 descriptor?? [ 1316.318360][T16321] usb usb8: usbfs: process 16321 (syz.4.4647) did not claim interface 0 before use [ 1316.328983][T16321] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1316.752267][ T5240] wacom 0003:056A:0045.0068: unbalanced delimiter at end of report description [ 1316.809976][ T5240] wacom 0003:056A:0045.0068: parse failed [ 1316.817013][ T5240] wacom 0003:056A:0045.0068: probe with driver wacom failed with error -22 [ 1316.941155][ T5240] usb 2-1: USB disconnect, device number 36 [ 1317.129570][ T25] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 1317.396242][ T5243] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 1317.410963][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1317.422722][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1317.433065][ T25] usb 3-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 1317.442576][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1317.475883][ T25] usb 3-1: config 0 descriptor?? [ 1317.611753][ T5243] usb 5-1: Using ep0 maxpacket: 32 [ 1317.644761][ T5243] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 1317.687696][ T5243] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 1317.703610][ T5243] usb 5-1: New USB device strings: Mfr=7, Product=0, SerialNumber=3 [ 1317.713912][ T5243] usb 5-1: Manufacturer: syz [ 1317.718802][ T5243] usb 5-1: SerialNumber: syz [ 1317.779357][ T5243] usb 5-1: config 0 descriptor?? [ 1317.787480][T16330] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 1317.893805][ T5243] hub 5-1:0.0: bad descriptor, ignoring hub [ 1317.908375][ T5243] hub 5-1:0.0: probe with driver hub failed with error -5 [ 1317.930993][ T5243] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input32 [ 1318.066630][ T25] lenovo 0003:17EF:6067.0069: hidraw0: USB HID v0.00 Device [HID 17ef:6067] on usb-dummy_hcd.2-1/input0 [ 1318.290112][T16330] loop4: detected capacity change from 0 to 256 [ 1318.454729][ T25] usb 3-1: USB disconnect, device number 30 [ 1318.549707][ T5240] usb 5-1: USB disconnect, device number 38 [ 1318.549942][ C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 1319.927034][ T5243] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 1320.171679][ T5243] usb 2-1: Using ep0 maxpacket: 16 [ 1320.214455][ T5243] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1320.225268][ T5243] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1320.234800][ T5243] usb 2-1: config 1 has no interface number 1 [ 1320.241487][ T5243] usb 2-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 1320.250868][ T5243] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1320.267778][ T5243] usb 2-1: config 1 interface 2 has no altsetting 0 [ 1320.332793][ T5243] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1320.342527][ T5243] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1320.351120][ T5243] usb 2-1: Product: syz [ 1320.362848][ T5243] usb 2-1: Manufacturer: syz [ 1320.367746][ T5243] usb 2-1: SerialNumber: syz [ 1320.660717][T16361] loop2: detected capacity change from 0 to 256 [ 1320.722595][ T5243] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 1320.730952][ T5243] usb 2-1: 2:1: invalid format type 0x1002 is detected, processed as PCM [ 1320.739937][T16361] exfat: Deprecated parameter 'utf8' [ 1320.740733][T16361] exfat: Deprecated parameter 'namecase' [ 1320.746063][ T5243] usb 2-1: 2:1 : unsupported sample bitwidth 0 in 0 bytes [ 1320.759596][ T5243] usb 2-1: selecting invalid altsetting 0 [ 1320.846488][T16361] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x16b5df41, utbl_chksum : 0xe619d30d) [ 1320.861068][ T5243] usb 2-1: USB disconnect, device number 37 [ 1323.712478][T16388] loop1: detected capacity change from 0 to 164 [ 1324.923807][ T29] audit: type=1400 audit(1726301120.904:105): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A21D01A0B978D2F2F26 pid=16396 comm="syz.3.4681" [ 1329.299500][T16449] loop2: detected capacity change from 0 to 256 [ 1329.356140][T16450] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4706'. [ 1329.495001][T16453] loop0: detected capacity change from 0 to 64 [ 1329.547387][T16449] FAT-fs (loop2): error, corrupted file size (i_pos 196, 2097162) [ 1329.555611][ T29] audit: type=1800 audit(1726301125.544:106): pid=16449 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4707" name="file1" dev="loop2" ino=1049058 res=0 errno=0 [ 1329.584461][T16449] FAT-fs (loop2): Filesystem has been set read-only [ 1330.208074][T16459] loop0: detected capacity change from 0 to 16 [ 1330.276359][T16459] erofs: (device loop0): mounted with root inode @ nid 36. [ 1330.754817][T16465] smb3: Bad value for 'uid' [ 1330.759628][T16465] smb3: Bad value for 'uid' [ 1332.259063][ T5240] IPVS: starting estimator thread 0... [ 1332.404164][T16482] IPVS: using max 192 ests per chain, 9600 per kthread [ 1333.040123][T16489] loop0: detected capacity change from 0 to 1024 [ 1333.125389][T16489] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1333.224169][T16489] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 1333.264567][T16489] EXT4-fs (loop0): orphan cleanup on readonly fs [ 1333.278165][T16489] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4726: corrupted in-inode xattr: overlapping e_value [ 1333.372720][T16489] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4726: couldn't read orphan inode 15 (err -117) [ 1333.390321][T16499] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1333.408772][T16499] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1333.476801][T16499] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1333.492033][T16489] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1333.552563][T16499] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1333.582833][T16499] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1333.595731][T16499] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1333.678360][ T5194] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1333.694949][ T5194] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1333.714765][ T5194] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1333.733463][ T5194] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1333.803789][ T5194] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1333.842118][ T5194] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1334.102860][T14287] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1334.105156][T16497] loop2: detected capacity change from 0 to 2048 [ 1334.462785][T16497] hpfs: hpfs_map_sector(): read error [ 1335.236063][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 1335.243552][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 1335.517468][T16498] chnl_net:caif_netlink_parms(): no params data found [ 1335.930369][T16520] trusted_key: encrypted_key: keylen parameter is missing [ 1335.992908][ T5194] Bluetooth: hci1: command tx timeout [ 1337.262963][T16536] overlayfs: disabling nfs_export due to verity=require [ 1337.270328][T16536] overlayfs: missing 'lowerdir' [ 1337.513610][T16498] bridge0: port 1(bridge_slave_0) entered blocking state [ 1337.521968][T16498] bridge0: port 1(bridge_slave_0) entered disabled state [ 1337.529954][T16498] bridge_slave_0: entered allmulticast mode [ 1337.539818][T16498] bridge_slave_0: entered promiscuous mode [ 1337.727002][T16498] bridge0: port 2(bridge_slave_1) entered blocking state [ 1337.735138][T16498] bridge0: port 2(bridge_slave_1) entered disabled state [ 1337.743573][T16498] bridge_slave_1: entered allmulticast mode [ 1337.753307][T16498] bridge_slave_1: entered promiscuous mode [ 1338.057449][T16498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1338.082379][ T5194] Bluetooth: hci1: command tx timeout [ 1338.222061][T16498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1338.595952][T16498] team0: Port device team_slave_0 added [ 1338.695060][T16498] team0: Port device team_slave_1 added [ 1339.250368][T16498] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1339.257969][T16498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1339.284197][ C1] vkms_vblank_simulate: vblank timer overrun [ 1339.304673][T16498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1339.385648][T16498] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1339.393120][T16498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1339.426049][T16498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1339.938095][T16498] hsr_slave_0: entered promiscuous mode [ 1340.005300][T16498] hsr_slave_1: entered promiscuous mode [ 1340.077087][T16498] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1340.085105][T16498] Cannot create hsr debugfs directory [ 1340.155450][ T5194] Bluetooth: hci1: command tx timeout [ 1341.261783][T16498] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1341.465260][T16498] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1341.720513][T16498] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1341.995752][T16498] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1342.015708][T16584] overlayfs: missing 'lowerdir' [ 1342.232292][ T5194] Bluetooth: hci1: command tx timeout [ 1342.617654][T16498] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1342.794496][T16498] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1342.848470][T16498] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1342.951093][T16498] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1343.240651][T16596] loop2: detected capacity change from 0 to 64 [ 1344.616488][T16498] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1345.024629][T16498] 8021q: adding VLAN 0 to HW filter on device team0 [ 1345.192952][ T4560] bridge0: port 1(bridge_slave_0) entered blocking state [ 1345.200864][ T4560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1345.332792][ T4560] bridge0: port 2(bridge_slave_1) entered blocking state [ 1345.340607][ T4560] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1347.474143][T16631] netlink: 'syz.0.4782': attribute type 2 has an invalid length. [ 1348.457640][T16498] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1349.810515][T16644] loop2: detected capacity change from 0 to 2048 [ 1349.823985][T16649] loop0: detected capacity change from 0 to 2048 [ 1349.886625][T16644] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1349.899875][T16649] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1350.000216][T16653] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1350.029135][T16654] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1350.031092][T16644] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 1350.082062][T16644] Remounting filesystem read-only [ 1352.090411][T16498] veth0_vlan: entered promiscuous mode [ 1352.244932][T16498] veth1_vlan: entered promiscuous mode [ 1352.790652][T16498] veth0_macvtap: entered promiscuous mode [ 1352.958150][T16498] veth1_macvtap: entered promiscuous mode [ 1353.372624][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1353.387152][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1353.397437][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1353.408358][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1353.418662][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1353.436112][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1353.448363][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1353.459250][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1353.472236][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1353.483132][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1353.493452][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1353.504287][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1353.520338][T16498] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1354.030181][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1354.041155][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1354.058382][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1354.071140][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1354.081551][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1354.092471][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1354.102880][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1354.113757][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1354.123955][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1354.134839][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1354.144999][T16498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1354.162517][T16498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1354.180944][T16498] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1354.434909][T16498] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1354.444274][T16498] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1354.460734][T16498] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1354.475411][T16498] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1357.230339][ T5240] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 1357.462073][ T5240] usb 3-1: Using ep0 maxpacket: 16 [ 1357.497188][ T5240] usb 3-1: config 0 has an invalid interface number: 251 but max is 0 [ 1357.506140][ T5240] usb 3-1: config 0 has no interface number 0 [ 1357.515283][ T5240] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 1357.532500][ T5240] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 1357.664657][ T5240] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 1357.674559][ T5240] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1357.683168][ T5240] usb 3-1: Product: syz [ 1357.687630][ T5240] usb 3-1: Manufacturer: syz [ 1357.692819][ T5240] usb 3-1: SerialNumber: syz [ 1357.773936][ T5240] usb 3-1: config 0 descriptor?? [ 1357.825812][T16714] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1357.922902][T16714] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1358.285776][T16714] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1358.507501][T16714] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1358.826853][ T5240] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1358.837537][ T5240] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71 [ 1358.848473][ T5240] asix 3-1:0.251: probe with driver asix failed with error -5 [ 1359.082782][ T5240] usb 3-1: USB disconnect, device number 31 [ 1360.974225][T16748] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4824'. [ 1361.893778][T16499] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1361.904064][T16499] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1361.937606][T16499] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1361.975818][T16499] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1361.987630][T16499] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 1362.015475][T16499] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1363.523417][ T5243] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 1363.924008][ T5243] usb 2-1: Using ep0 maxpacket: 16 [ 1363.938394][ T5243] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1363.950615][ T5243] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1363.961108][ T5243] usb 2-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 1363.970584][ T5243] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1364.017682][T16774] loop0: detected capacity change from 0 to 1024 [ 1364.055441][ T5243] usb 2-1: config 0 descriptor?? [ 1364.122703][T16774] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 1364.133218][T16774] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29254!=20869) [ 1364.213949][ T5194] Bluetooth: hci7: command tx timeout [ 1364.309921][T16774] EXT4-fs (loop0): journal inode is deleted [ 1364.432935][T16753] chnl_net:caif_netlink_parms(): no params data found [ 1364.737973][T16774] openvswitch: netlink: Key type 12336 is out of range max 32 [ 1364.760305][ T5243] waterforce 0003:1044:7A4D.006A: unknown main item tag 0x0 [ 1364.769480][ T5243] waterforce 0003:1044:7A4D.006A: item fetching failed at offset 3/4 [ 1364.888302][ T5243] waterforce 0003:1044:7A4D.006A: hid parse failed with -22 [ 1364.896674][ T5243] waterforce 0003:1044:7A4D.006A: probe with driver waterforce failed with error -22 [ 1365.185144][ T5243] usb 2-1: USB disconnect, device number 38 [ 1365.202593][ T4560] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1365.216641][ T4560] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1365.482079][ T4560] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1365.490204][ T4560] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1366.241727][ T5194] Bluetooth: hci7: command tx timeout [ 1366.585416][T16788] loop0: detected capacity change from 0 to 512 [ 1366.620708][T16785] loop1: detected capacity change from 0 to 1024 [ 1366.630755][T16785] EXT4-fs: Ignoring removed oldalloc option [ 1366.663448][T16785] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 1366.704102][T16788] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4837: corrupted in-inode xattr: invalid ea_ino [ 1366.755885][T16788] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4837: couldn't read orphan inode 15 (err -117) [ 1366.773357][T16788] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1366.869338][T16785] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1366.924245][T14287] EXT4-fs (loop0): unmounting filesystem 00000007-0000-0000-0000-000000000000. [ 1367.298900][T16753] bridge0: port 1(bridge_slave_0) entered blocking state [ 1367.307139][T16753] bridge0: port 1(bridge_slave_0) entered disabled state [ 1367.315450][T16753] bridge_slave_0: entered allmulticast mode [ 1367.325373][T16753] bridge_slave_0: entered promiscuous mode [ 1367.514883][T16753] bridge0: port 2(bridge_slave_1) entered blocking state [ 1367.523083][T16753] bridge0: port 2(bridge_slave_1) entered disabled state [ 1367.531119][T16753] bridge_slave_1: entered allmulticast mode [ 1367.541020][T16753] bridge_slave_1: entered promiscuous mode [ 1367.732609][T12886] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1367.947381][T16753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1368.060886][T16753] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1368.119524][T16803] loop1: detected capacity change from 0 to 64 [ 1368.329439][T16803] hfs: unable to locate alternate MDB [ 1368.335354][T16803] hfs: continuing without an alternate MDB [ 1368.343789][ T5194] Bluetooth: hci7: command tx timeout [ 1368.580248][T16753] team0: Port device team_slave_0 added [ 1368.785068][T16753] team0: Port device team_slave_1 added [ 1369.141476][T16753] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1369.148693][T16753] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1369.175308][T16753] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1369.299089][T16753] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1369.314866][T16753] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1369.343963][T16753] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1369.729099][T16753] hsr_slave_0: entered promiscuous mode [ 1369.793791][T16753] hsr_slave_1: entered promiscuous mode [ 1369.879523][T16819] loop2: detected capacity change from 0 to 64 [ 1370.012741][T16753] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1370.027359][T16753] Cannot create hsr debugfs directory [ 1370.307402][T16819] hfs: small file entry [ 1370.396913][ T5194] Bluetooth: hci7: command tx timeout [ 1371.098125][ T29] audit: type=1326 audit(1726301167.064:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16824 comm="syz.0.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee5b7def9 code=0x7ffc0000 [ 1371.124619][ T29] audit: type=1326 audit(1726301167.064:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16824 comm="syz.0.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee5b7def9 code=0x7ffc0000 [ 1371.372652][ T29] audit: type=1326 audit(1726301167.324:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16824 comm="syz.0.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f5ee5b7def9 code=0x7ffc0000 [ 1371.395760][ T29] audit: type=1326 audit(1726301167.324:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16824 comm="syz.0.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee5b7def9 code=0x7ffc0000 [ 1371.418938][ T29] audit: type=1326 audit(1726301167.344:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16824 comm="syz.0.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee5b7def9 code=0x7ffc0000 [ 1371.852667][T16753] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1372.104615][T16753] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1372.295785][T16753] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1372.593276][T16753] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1372.809245][T16836] vlan2: entered promiscuous mode [ 1372.816298][T16836] vlan2: entered allmulticast mode [ 1373.529597][T16753] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1373.702846][T16753] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1373.759253][T16842] loop2: detected capacity change from 0 to 256 [ 1373.844047][T16842] exfat: Deprecated parameter 'utf8' [ 1373.853641][T16753] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1373.944353][T16753] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1374.149058][T16842] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 1375.495688][T16855] loop2: detected capacity change from 0 to 512 [ 1375.639292][T16855] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1375.659444][T16855] ext4 filesystem being mounted at /266/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1375.826457][T16753] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1376.143324][T16753] 8021q: adding VLAN 0 to HW filter on device team0 [ 1376.310481][ T4560] bridge0: port 1(bridge_slave_0) entered blocking state [ 1376.318413][ T4560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1376.463679][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1376.468856][ T4560] bridge0: port 2(bridge_slave_1) entered blocking state [ 1376.481003][ T4560] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1377.776808][T16881] program syz.1.4873 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1378.161999][ T5244] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 1378.395253][ T5244] usb 3-1: Using ep0 maxpacket: 32 [ 1378.433623][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 1378.445523][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 1378.457505][ T5244] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1378.467064][ T5244] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1378.584151][ T5244] usb 3-1: config 0 descriptor?? [ 1378.596415][T16883] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1378.718965][ T5244] hub 3-1:0.0: USB hub found [ 1379.161521][ T5244] hub 3-1:0.0: 7 ports detected [ 1379.189211][ T5244] hub 3-1:0.0: insufficient power available to use all downstream ports [ 1379.362230][ T5244] hub 3-1:0.0: hub_hub_status failed (err = -71) [ 1379.368917][ T5244] hub 3-1:0.0: config failed, can't get hub status (err -71) [ 1379.460701][T16753] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1379.473731][ T5244] usbhid 3-1:0.0: can't add hid device: -71 [ 1379.480775][ T5244] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1379.604355][ T5244] usb 3-1: USB disconnect, device number 32 [ 1380.047581][T16896] loop4: detected capacity change from 0 to 512 [ 1380.112903][T16753] veth0_vlan: entered promiscuous mode [ 1380.218413][T16896] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1380.284742][T16753] veth1_vlan: entered promiscuous mode [ 1380.763094][T16896] EXT4-fs (loop4): 1 truncate cleaned up [ 1380.777314][T16896] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1381.172982][ T3209] bridge_slave_1: left allmulticast mode [ 1381.178929][ T3209] bridge_slave_1: left promiscuous mode [ 1381.193640][ T3209] bridge0: port 2(bridge_slave_1) entered disabled state [ 1381.294758][T16658] syz.3.4790 (16658) used greatest stack depth: 2880 bytes left [ 1381.305651][ T3209] bridge_slave_0: left allmulticast mode [ 1381.311724][ T3209] bridge_slave_0: left promiscuous mode [ 1381.318458][ T3209] bridge0: port 1(bridge_slave_0) entered disabled state [ 1382.267689][T16498] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1382.487124][ T3209] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1382.596970][ T3209] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1382.666288][ T3209] bond0 (unregistering): Released all slaves [ 1383.166885][T16753] veth0_macvtap: entered promiscuous mode [ 1383.495198][ T25] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 1383.550190][T16753] veth1_macvtap: entered promiscuous mode [ 1383.931758][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 1384.029836][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1384.041807][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1384.058617][ T25] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 1384.070141][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1384.141964][ T3209] hsr_slave_0: left promiscuous mode [ 1384.194354][ T25] usb 5-1: config 0 descriptor?? [ 1384.276149][ T3209] hsr_slave_1: left promiscuous mode [ 1384.431899][ T3209] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1384.439915][ T3209] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1384.529263][ T3209] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1384.538153][ T3209] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1384.695103][ T3209] veth1_macvtap: left promiscuous mode [ 1384.701144][ T3209] veth0_macvtap: left promiscuous mode [ 1384.708263][ T3209] veth1_vlan: left promiscuous mode [ 1384.714090][ T3209] veth0_vlan: left promiscuous mode [ 1385.328341][ T25] uclogic 0003:28BD:0071.006B: interface is invalid, ignoring [ 1385.617515][T16581] usb 5-1: USB disconnect, device number 39 [ 1386.288152][ T3209] team0 (unregistering): Port device team_slave_1 removed [ 1386.474670][ T3209] team0 (unregistering): Port device team_slave_0 removed [ 1386.574888][T16945] loop1: detected capacity change from 0 to 8 [ 1386.684985][T16943] netlink: 17 bytes leftover after parsing attributes in process `syz.2.4899'. [ 1387.155770][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1387.166708][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.177139][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1387.187960][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.198179][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1387.209107][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.219357][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1387.235790][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.247916][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1387.258770][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.269009][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1387.280080][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.295801][T16753] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1387.617048][T16949] loop2: detected capacity change from 0 to 1024 [ 1387.789238][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1387.800683][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.811161][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1387.823895][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.835429][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1387.857104][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.868135][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1387.878990][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.889447][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1387.900296][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.910586][T16753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1387.923860][T16753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1387.952279][T16753] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1388.183162][T11056] hfsplus: b-tree write err: -5, ino 4 [ 1388.417250][T16753] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.426532][T16753] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.435945][T16753] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.445547][T16753] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1389.856211][T16971] netlink: 'syz.1.4910': attribute type 1 has an invalid length. [ 1391.196266][T16989] netlink: 'syz.0.4918': attribute type 29 has an invalid length. [ 1391.343473][T16989] netlink: 'syz.0.4918': attribute type 29 has an invalid length. [ 1391.368557][ T5194] Bluetooth: hci7: command tx timeout [ 1392.708292][T17009] loop0: detected capacity change from 0 to 64 [ 1392.862449][T16581] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 1392.954366][T17009] hfs: bad catalog entry type 0 [ 1393.109296][T16581] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 1393.122575][T16581] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 1393.135802][T16581] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1393.149321][T16581] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1393.158879][T16581] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1393.214162][T16581] usb 2-1: config 0 descriptor?? [ 1393.224771][T17007] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1393.698936][T17013] loop2: detected capacity change from 0 to 256 [ 1393.725901][T17013] exfat: Deprecated parameter 'namecase' [ 1393.733291][T17013] exfat: Deprecated parameter 'utf8' [ 1393.739529][T17013] exfat: Deprecated parameter 'namecase' [ 1393.810507][T16581] plantronics 0003:047F:FFFF.006C: unknown main item tag 0xd [ 1393.932702][T16581] plantronics 0003:047F:FFFF.006C: No inputs registered, leaving [ 1393.952988][T17013] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1394.005779][T16581] plantronics 0003:047F:FFFF.006C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1394.216890][T16581] usb 2-1: USB disconnect, device number 39 [ 1395.550698][T17031] loop2: detected capacity change from 0 to 256 [ 1396.674210][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 1396.680977][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 1397.131715][T17044] loop4: detected capacity change from 0 to 1024 [ 1397.582841][ T4560] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1397.591013][ T4560] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1397.892608][T17044] hfsplus: bad catalog entry type [ 1397.945696][ T3490] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1397.954125][ T3490] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1398.363856][T17041] loop1: detected capacity change from 0 to 4096 [ 1398.558020][ T3209] hfsplus: b-tree write err: -5, ino 4 [ 1398.682684][T17052] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1399.547945][T17062] loop0: detected capacity change from 0 to 512 [ 1399.851007][T17062] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1399.867551][T17062] ext4 filesystem being mounted at /259/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1399.899860][ C1] vkms_vblank_simulate: vblank timer overrun [ 1400.805125][T14287] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1401.093797][T17081] team0: Device veth0_macvtap failed to register rx_handler [ 1401.407520][T17084] netlink: 240 bytes leftover after parsing attributes in process `syz.0.4952'. [ 1401.887681][T17090] loop4: detected capacity change from 0 to 256 [ 1402.305010][T17090] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1404.703699][T17116] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4967'. [ 1405.909116][T17124] loop4: detected capacity change from 0 to 256 [ 1406.197951][T17126] loop2: detected capacity change from 0 to 64 [ 1407.422419][T17124] FAT-fs (loop4): Directory bread(block 64) failed [ 1407.429279][T17124] FAT-fs (loop4): Directory bread(block 65) failed [ 1407.436665][T17124] FAT-fs (loop4): Directory bread(block 66) failed [ 1407.443640][T17124] FAT-fs (loop4): Directory bread(block 67) failed [ 1407.450612][T17124] FAT-fs (loop4): Directory bread(block 68) failed [ 1407.457674][T17124] FAT-fs (loop4): Directory bread(block 69) failed [ 1407.465078][T17124] FAT-fs (loop4): Directory bread(block 70) failed [ 1407.472302][T17124] FAT-fs (loop4): Directory bread(block 71) failed [ 1407.479810][T17124] FAT-fs (loop4): Directory bread(block 72) failed [ 1407.486810][T17124] FAT-fs (loop4): Directory bread(block 73) failed [ 1407.872556][T17122] Invalid ELF header magic: != ELF [ 1408.786877][T17139] loop1: detected capacity change from 0 to 736 [ 1408.864350][T17139] iso9660: Bad value for 'mode' [ 1409.020312][T17141] loop2: detected capacity change from 0 to 1024 [ 1410.662206][ T5243] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 1410.887138][T17157] loop2: detected capacity change from 0 to 2048 [ 1410.911774][ T5243] usb 2-1: Using ep0 maxpacket: 8 [ 1410.948669][ T5243] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1410.960292][ T5243] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1410.972258][ T5243] usb 2-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00 [ 1410.974497][T17157] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 1410.987424][ T5243] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1411.040556][ T5243] usb 2-1: config 0 descriptor?? [ 1411.320976][T17157] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1411.541034][ T5243] greenasia 0003:0E8F:0012.006D: unknown main item tag 0x0 [ 1411.582310][ T5243] greenasia 0003:0E8F:0012.006D: hidraw0: USB HID v0.00 Device [HID 0e8f:0012] on usb-dummy_hcd.1-1/input0 [ 1411.607132][ T5243] greenasia 0003:0E8F:0012.006D: no inputs found [ 1411.751433][ T5243] usb 2-1: USB disconnect, device number 40 [ 1412.302786][ T5270] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 1412.739068][ T5270] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1412.750770][ T5270] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1412.761386][ T5270] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 1412.770801][ T5270] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1412.866986][ T5270] usb 5-1: config 0 descriptor?? [ 1413.676116][ T5270] lg-g15 0003:046D:C222.006E: ignoring exceeding usage max [ 1413.692161][ T5270] lg-g15 0003:046D:C222.006E: ignoring exceeding usage max [ 1413.787045][ T5270] lg-g15 0003:046D:C222.006E: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.4-1/input0 [ 1414.016146][ T5243] usb 5-1: USB disconnect, device number 40 [ 1414.540825][T17173] loop0: detected capacity change from 0 to 4096 [ 1414.775312][T17173] NILFS (loop0): invalid segment: Checksum error in segment payload [ 1414.785707][T17173] NILFS (loop0): trying rollback from an earlier position [ 1415.015231][T17173] NILFS (loop0): recovery complete [ 1415.718486][T17196] No buffer was provided with the request [ 1415.876763][ T5240] IPVS: starting estimator thread 0... [ 1415.971861][T17203] IPVS: using max 192 ests per chain, 9600 per kthread [ 1417.765175][T17221] loop0: detected capacity change from 0 to 1024 [ 1417.902614][T17221] hfsplus: bad catalog entry type [ 1418.242565][ T3994] hfsplus: b-tree write err: -5, ino 4 [ 1419.013622][ T5243] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 1419.231826][ T5243] usb 3-1: Using ep0 maxpacket: 16 [ 1419.293102][ T5243] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1419.304594][ T5243] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1419.314969][ T5243] usb 3-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00 [ 1419.324655][ T5243] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1419.382129][ T5243] usb 3-1: config 0 descriptor?? [ 1419.932808][ T5243] input: HID 041e:3100 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:041E:3100.006F/input/input35 [ 1420.088165][ T5243] creative-sb0540 0003:041E:3100.006F: input,hidraw0: USB HID v0.00 Device [HID 041e:3100] on usb-dummy_hcd.2-1/input0 [ 1420.201045][ T5243] usb 3-1: USB disconnect, device number 33 [ 1421.265733][ T5240] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 1421.563923][ T5240] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1421.575429][ T5240] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1421.586053][ T5240] usb 4-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00 [ 1421.597521][ T5240] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1421.684091][ T5240] usb 4-1: config 0 descriptor?? [ 1422.052042][T17266] loop2: detected capacity change from 0 to 256 [ 1422.112239][T17247] loop4: detected capacity change from 0 to 4096 [ 1422.294304][T17247] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 1422.454708][T17266] FAT-fs (loop2): Directory bread(block 64) failed [ 1422.463690][T17266] FAT-fs (loop2): Directory bread(block 65) failed [ 1422.470849][T17266] FAT-fs (loop2): Directory bread(block 66) failed [ 1422.477996][T17266] FAT-fs (loop2): Directory bread(block 67) failed [ 1422.485275][T17266] FAT-fs (loop2): Directory bread(block 68) failed [ 1422.492195][T17266] FAT-fs (loop2): Directory bread(block 69) failed [ 1422.499165][T17266] FAT-fs (loop2): Directory bread(block 70) failed [ 1422.506194][T17266] FAT-fs (loop2): Directory bread(block 71) failed [ 1422.513565][T17266] FAT-fs (loop2): Directory bread(block 72) failed [ 1422.520481][T17266] FAT-fs (loop2): Directory bread(block 73) failed [ 1422.616354][T17270] loop1: detected capacity change from 0 to 1024 [ 1422.642421][ T5240] petalynx 0003:18B1:0037.0070: collection stack underflow [ 1422.650066][ T5240] petalynx 0003:18B1:0037.0070: item 0 1 0 12 parsing failed [ 1422.686962][T17270] EXT4-fs: Ignoring removed orlov option [ 1422.693290][T17270] EXT4-fs: Ignoring removed bh option [ 1422.748835][ T5240] petalynx 0003:18B1:0037.0070: parse failed [ 1422.768037][ T5240] petalynx 0003:18B1:0037.0070: probe with driver petalynx failed with error -22 [ 1422.908639][T17270] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1422.953261][ T5243] usb 4-1: USB disconnect, device number 39 [ 1423.509315][T12886] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1424.135717][T17282] loop1: detected capacity change from 0 to 512 [ 1424.174349][T17282] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1424.403801][T17282] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 1424.412814][T17282] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 1424.556046][T17282] EXT4-fs (loop1): 1 truncate cleaned up [ 1424.564334][T17282] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1424.790203][T17288] loop4: detected capacity change from 0 to 256 [ 1424.866226][T12886] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1424.968519][T17288] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 1425.159618][T17293] loop0: detected capacity change from 0 to 256 [ 1425.227858][T17295] loop2: detected capacity change from 0 to 512 [ 1425.483519][T17295] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1425.496995][T17295] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1425.690012][T17293] FAT-fs (loop0): Directory bread(block 64) failed [ 1425.697291][T17293] FAT-fs (loop0): Directory bread(block 65) failed [ 1425.704835][T17293] FAT-fs (loop0): Directory bread(block 66) failed [ 1425.711837][T17293] FAT-fs (loop0): Directory bread(block 67) failed [ 1425.718834][T17293] FAT-fs (loop0): Directory bread(block 68) failed [ 1425.734727][T17293] FAT-fs (loop0): Directory bread(block 69) failed [ 1425.744520][T17293] FAT-fs (loop0): Directory bread(block 70) failed [ 1425.754036][T17293] FAT-fs (loop0): Directory bread(block 71) failed [ 1425.761757][T17293] FAT-fs (loop0): Directory bread(block 72) failed [ 1425.768696][T17293] FAT-fs (loop0): Directory bread(block 73) failed [ 1426.122151][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1430.834267][T17331] loop0: detected capacity change from 0 to 4096 [ 1433.796255][T17331] ntfs3: loop0: Failed to read $UpCase (-4). [ 1434.277306][T17351] netlink: 'syz.1.5076': attribute type 29 has an invalid length. [ 1434.413680][ T5243] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 1434.671706][ T5243] usb 4-1: Using ep0 maxpacket: 8 [ 1434.758837][ T5243] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 1434.770811][ T5243] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1434.782331][ T5243] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1434.792757][ T5243] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 1434.806472][ T5243] usb 4-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 1434.816075][ T5243] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1434.946519][ T5243] usb 4-1: config 0 descriptor?? [ 1435.782569][T17364] usb usb8: usbfs: process 17364 (syz.4.5081) did not claim interface 0 before use [ 1435.935855][ T5243] kye 0003:0458:5011.0071: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 1436.058164][ T5243] kye 0003:0458:5011.0071: hidraw0: USB HID v0.00 Device [HID 0458:5011] on usb-dummy_hcd.3-1/input0 [ 1436.078796][ T5243] kye 0003:0458:5011.0071: tablet-enabling feature report not found [ 1436.090312][ T5243] kye 0003:0458:5011.0071: tablet enabling failed [ 1436.353676][ T5243] usb 4-1: USB disconnect, device number 40 [ 1436.645570][T17366] loop1: detected capacity change from 0 to 2048 [ 1436.689962][T17366] EXT4-fs: Ignoring removed mblk_io_submit option [ 1436.917671][T17366] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1436.969074][T17378] loop0: detected capacity change from 0 to 256 [ 1437.015153][T17376] ax25_connect(): syz.2.5087 uses autobind, please contact jreuter@yaina.de [ 1437.253833][T17378] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 1437.352805][T12886] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1439.220016][T17400] loop2: detected capacity change from 0 to 128 [ 1439.575576][T17407] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5101'. [ 1440.892371][T17420] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5106'. [ 1441.793130][T17402] loop4: detected capacity change from 0 to 4096 [ 1442.197237][T17402] ntfs3: loop4: Failed to read $UpCase (-4). [ 1442.501483][T17437] loop0: detected capacity change from 0 to 164 [ 1443.072511][ T5243] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 1443.312849][ T5243] usb 3-1: Using ep0 maxpacket: 32 [ 1443.405291][ T5243] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1443.416874][ T5243] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1443.427289][ T5243] usb 3-1: New USB device found, idVendor=056a, idProduct=00fa, bcdDevice= 0.00 [ 1443.439839][ T5243] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1443.516444][ T5243] usb 3-1: config 0 descriptor?? [ 1444.082534][ T5243] wacom 0003:056A:00FA.0072: hidraw0: USB HID v0.00 Device [HID 056a:00fa] on usb-dummy_hcd.2-1/input0 [ 1444.195362][T17454] tipc: Started in network mode [ 1444.200731][T17454] tipc: Node identity aaaaaaaaaa3, cluster identity 4711 [ 1444.209052][T17454] tipc: Enabled bearer , priority 0 [ 1444.293613][ T25] usb 3-1: USB disconnect, device number 34 [ 1445.332046][ T5243] tipc: Node number set to 10136234 [ 1446.003859][T17472] netlink: 'syz.4.5131': attribute type 5 has an invalid length. [ 1446.331059][T17474] loop2: detected capacity change from 0 to 1024 [ 1446.379203][T17477] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5134'. [ 1447.382124][ T5240] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 1447.649326][ T5240] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1447.660877][ T5240] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1447.671292][ T5240] usb 3-1: New USB device found, idVendor=056a, idProduct=00e3, bcdDevice= 0.00 [ 1447.680748][ T5240] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1447.733842][ T5240] usb 3-1: config 0 descriptor?? [ 1448.140742][T17496] loop1: detected capacity change from 0 to 512 [ 1448.175578][T17496] EXT4-fs: Ignoring removed oldalloc option [ 1448.283396][ T5240] wacom 0003:056A:00E3.0073: unknown main item tag 0x0 [ 1448.290725][ T5240] wacom 0003:056A:00E3.0073: unknown main item tag 0x0 [ 1448.298281][ T5240] wacom 0003:056A:00E3.0073: unknown main item tag 0x0 [ 1448.306445][ T5240] wacom 0003:056A:00E3.0073: unknown main item tag 0x0 [ 1448.313903][ T5240] wacom 0003:056A:00E3.0073: unknown main item tag 0x0 [ 1448.321167][ T5240] wacom 0003:056A:00E3.0073: unknown main item tag 0x0 [ 1448.328663][ T5240] wacom 0003:056A:00E3.0073: unknown main item tag 0x0 [ 1448.347100][T17496] EXT4-fs (loop1): 1 truncate cleaned up [ 1448.365109][T17496] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1448.436831][ T5240] wacom 0003:056A:00E3.0073: hidraw0: USB HID v0.00 Device [HID 056a:00e3] on usb-dummy_hcd.2-1/input0 [ 1448.503701][ T5240] usb 3-1: USB disconnect, device number 35 [ 1448.789361][T12886] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1449.314391][T17501] loop4: detected capacity change from 0 to 2048 [ 1449.348747][T17508] loop0: detected capacity change from 0 to 64 [ 1449.432640][T17501] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 1449.781938][T17501] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1450.251849][ T5240] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 1450.471809][ T5240] usb 3-1: Using ep0 maxpacket: 16 [ 1450.494763][ T5240] usb 3-1: config 0 has too many interfaces: 231, using maximum allowed: 32 [ 1450.504177][ T5240] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 231 [ 1450.524148][ T5240] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1450.591543][ T5240] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice= 0.00 [ 1450.601429][ T5240] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1450.617409][ T5240] usb 3-1: SerialNumber: syz [ 1450.737241][ T5240] usb 3-1: config 0 descriptor?? [ 1450.764958][ T5240] input: USB Touchscreen 134c:0002 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input42 [ 1451.205781][ T5240] usb 3-1: USB disconnect, device number 36 [ 1452.031846][ T5243] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 1452.271868][ T5243] usb 2-1: Using ep0 maxpacket: 16 [ 1452.290581][ T5243] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1452.303512][ T5243] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1452.316459][ T5243] usb 2-1: New USB device found, idVendor=056a, idProduct=00ce, bcdDevice= 0.00 [ 1452.326413][ T5243] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1452.424255][ T5243] usb 2-1: config 0 descriptor?? [ 1452.983065][ T5244] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 1453.102018][ T5243] usb 2-1: USB disconnect, device number 41 [ 1453.301928][ T5244] usb 5-1: Using ep0 maxpacket: 32 [ 1453.415326][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1453.427141][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1453.437526][ T5244] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 1453.447127][ T5244] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1453.541111][ T5244] usb 5-1: config 0 descriptor?? [ 1454.360953][ T5244] ft260 0003:0403:6030.0075: item fetching failed at offset 0/2 [ 1454.436704][ T5244] ft260 0003:0403:6030.0075: failed to parse HID [ 1454.444318][ T5244] ft260 0003:0403:6030.0075: probe with driver ft260 failed with error -22 [ 1454.754004][ T5244] usb 5-1: USB disconnect, device number 41 [ 1455.618330][T17562] sp0: Synchronizing with TNC [ 1455.698032][T17561] [U] è [ 1455.713311][ T5240] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 1455.993744][ T5240] usb 4-1: Using ep0 maxpacket: 16 [ 1456.032158][ T5240] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1456.051142][ T5240] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1456.064090][ T5240] usb 4-1: New USB device found, idVendor=056a, idProduct=5000, bcdDevice= 0.00 [ 1456.075932][ T5240] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1456.172093][ T5240] usb 4-1: config 0 descriptor?? [ 1456.989762][ T5240] wacom 0003:056A:5000.0076: unknown main item tag 0x0 [ 1456.997295][ T5240] wacom 0003:056A:5000.0076: unknown main item tag 0x0 [ 1457.008497][ T5240] wacom 0003:056A:5000.0076: unknown main item tag 0x0 [ 1457.016067][ T5240] wacom 0003:056A:5000.0076: unknown main item tag 0x0 [ 1457.023719][ T5240] wacom 0003:056A:5000.0076: unknown main item tag 0x0 [ 1457.031014][ T5240] wacom 0003:056A:5000.0076: unknown main item tag 0x0 [ 1457.275904][ T5240] wacom 0003:056A:5000.0076: hidraw0: USB HID v0.00 Device [HID 056a:5000] on usb-dummy_hcd.3-1/input0 [ 1457.352236][ T5240] usb 4-1: USB disconnect, device number 41 [ 1458.099063][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 1458.106131][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 1458.267762][T17586] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.5187'. [ 1458.278948][T17586] netlink: zone id is out of range [ 1458.284542][T17586] netlink: zone id is out of range [ 1458.679373][ T29] audit: type=1326 audit(1726301254.674:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17589 comm="syz.2.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1458.709304][ T29] audit: type=1326 audit(1726301254.674:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17589 comm="syz.2.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1458.735460][ T29] audit: type=1326 audit(1726301254.714:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17589 comm="syz.2.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1458.758627][ T29] audit: type=1326 audit(1726301254.714:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17589 comm="syz.2.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1458.784843][ T29] audit: type=1326 audit(1726301254.724:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17589 comm="syz.2.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1458.815087][ T29] audit: type=1326 audit(1726301254.724:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17589 comm="syz.2.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1458.840134][ T29] audit: type=1326 audit(1726301254.724:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17589 comm="syz.2.5190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f372077def9 code=0x7ffc0000 [ 1460.162570][T16499] Bluetooth: hci1: command 0x0406 tx timeout [ 1461.291746][ T5244] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 1461.610563][ T5244] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1461.622207][ T5244] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1461.632492][ T5244] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1461.646153][ T5244] usb 4-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00 [ 1461.655872][ T5244] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1461.746178][ T5244] usb 4-1: config 0 descriptor?? [ 1462.379842][ T5244] wacom 0003:056A:0094.0077: unknown main item tag 0x0 [ 1462.397403][ T5244] wacom 0003:056A:0094.0077: unknown main item tag 0x0 [ 1462.407253][ T5244] wacom 0003:056A:0094.0077: unknown main item tag 0x0 [ 1462.414692][ T5244] wacom 0003:056A:0094.0077: unknown main item tag 0x0 [ 1462.422195][ T5244] wacom 0003:056A:0094.0077: unknown main item tag 0x0 [ 1462.429465][ T5244] wacom 0003:056A:0094.0077: unknown main item tag 0x0 [ 1462.436877][ T5244] wacom 0003:056A:0094.0077: unknown main item tag 0x0 [ 1462.630485][ T5244] wacom 0003:056A:0094.0077: Using device in hidraw-only mode [ 1462.679415][ T5244] wacom 0003:056A:0094.0077: hidraw0: USB HID v0.00 Device [HID 056a:0094] on usb-dummy_hcd.3-1/input0 [ 1462.783025][ T5244] usb 4-1: USB disconnect, device number 42 [ 1462.903051][ T5243] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 1463.141509][ T5243] usb 2-1: Using ep0 maxpacket: 8 [ 1463.199805][ T5243] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 1463.215005][ T5243] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1463.225270][ T5243] usb 2-1: Product: syz [ 1463.229793][ T5243] usb 2-1: Manufacturer: syz [ 1463.234811][ T5243] usb 2-1: SerialNumber: syz [ 1463.299027][ T5243] usb 2-1: config 0 descriptor?? [ 1463.350454][ T5243] gspca_main: sq905-2.14.0 probing 2770:9120 [ 1463.977668][ T5243] gspca_sq905: sq905_command: usb_control_msg failed (-71) [ 1463.985906][ T5243] sq905 2-1:0.0: probe with driver sq905 failed with error -71 [ 1464.096917][ T5243] usb 2-1: USB disconnect, device number 42 [ 1464.702287][T17649] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5216'. [ 1465.846737][T17660] loop2: detected capacity change from 0 to 512 [ 1466.134694][T17660] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1466.148334][T17660] ext4 filesystem being mounted at /356/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1466.709765][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1470.053314][T17700] loop2: detected capacity change from 0 to 2048 [ 1470.139918][T17700] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only [ 1470.513344][T17711] loop1: detected capacity change from 0 to 164 [ 1471.219165][T17719] loop2: detected capacity change from 0 to 64 [ 1471.333217][ T25] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 1471.780438][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1471.792141][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1471.802808][ T25] usb 5-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00 [ 1471.819532][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1471.882181][ T25] usb 5-1: config 0 descriptor?? [ 1471.933214][T17727] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5250'. [ 1471.947964][T17725] loop1: detected capacity change from 0 to 256 [ 1472.374741][T17725] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1472.590626][ T25] elecom 0003:056E:010C.0078: hidraw0: USB HID v0.00 Device [HID 056e:010c] on usb-dummy_hcd.4-1/input0 [ 1472.864132][T17732] loop0: detected capacity change from 0 to 512 [ 1472.967484][ T5243] usb 5-1: USB disconnect, device number 42 [ 1473.008781][T17732] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.5254: casefold flag without casefold feature [ 1473.151444][T17732] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.5254: couldn't read orphan inode 15 (err -117) [ 1473.180798][T17738] loop1: detected capacity change from 0 to 64 [ 1473.200175][T17732] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1473.409314][ T5240] IPVS: starting estimator thread 0... [ 1473.494931][ T29] audit: type=1800 audit(1726301269.414:119): pid=17738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.5256" name="file1" dev="loop1" ino=0 res=0 errno=0 [ 1473.516825][T17741] IPVS: using max 240 ests per chain, 12000 per kthread [ 1473.532214][ T25] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 1473.724600][T14287] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1473.792814][ T25] usb 3-1: Using ep0 maxpacket: 8 [ 1473.833288][ T25] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1473.840426][ T25] usb 3-1: New USB device found, idVendor=046d, idProduct=ca03, bcdDevice= 0.00 [ 1473.850530][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1473.925660][ T25] usb 3-1: config 0 descriptor?? [ 1474.503382][ T25] logitech 0003:046D:CA03.0079: hidraw0: USB HID v0.00 Device [HID 046d:ca03] on usb-dummy_hcd.2-1/input0 [ 1474.515485][ T25] logitech 0003:046D:CA03.0079: no inputs found [ 1474.766264][ T25] usb 3-1: USB disconnect, device number 37 [ 1476.133633][T17763] loop0: detected capacity change from 0 to 1024 [ 1477.563361][ T5243] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 1477.881532][ T5243] usb 3-1: Using ep0 maxpacket: 8 [ 1477.900152][ T5243] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1477.911995][ T5243] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1477.922831][ T5243] usb 3-1: New USB device found, idVendor=0c70, idProduct=f0bd, bcdDevice= 0.00 [ 1477.932427][ T5243] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1477.945422][ T5243] usb 3-1: config 0 descriptor?? [ 1478.674104][ T5243] aquacomputer_d5next 0003:0C70:F0BD.007A: unknown main item tag 0xe [ 1478.743986][ T5243] aquacomputer_d5next 0003:0C70:F0BD.007A: hidraw0: USB HID v0.00 Device [HID 0c70:f0bd] on usb-dummy_hcd.2-1/input0 [ 1478.760341][T17786] loop0: detected capacity change from 0 to 256 [ 1478.898858][ T5243] usb 3-1: USB disconnect, device number 38 [ 1479.326344][T17786] FAT-fs (loop0): Directory bread(block 64) failed [ 1479.333562][T17786] FAT-fs (loop0): Directory bread(block 65) failed [ 1479.340826][T17786] FAT-fs (loop0): Directory bread(block 66) failed [ 1479.348029][T17786] FAT-fs (loop0): Directory bread(block 67) failed [ 1479.355243][T17786] FAT-fs (loop0): Directory bread(block 68) failed [ 1479.362716][T17786] FAT-fs (loop0): Directory bread(block 69) failed [ 1479.369797][T17786] FAT-fs (loop0): Directory bread(block 70) failed [ 1479.376901][T17786] FAT-fs (loop0): Directory bread(block 71) failed [ 1479.393235][T17786] FAT-fs (loop0): Directory bread(block 72) failed [ 1479.403072][T17786] FAT-fs (loop0): Directory bread(block 73) failed [ 1480.111843][ T5240] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 1480.175075][T17794] netlink: 'syz.2.5280': attribute type 11 has an invalid length. [ 1480.369842][ T5240] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.02 [ 1480.379500][ T5240] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1480.388887][ T5240] usb 2-1: Product: syz [ 1480.397123][ T5240] usb 2-1: Manufacturer: syz [ 1480.405278][ T5240] usb 2-1: SerialNumber: syz [ 1480.493782][ T5240] usb 2-1: config 0 descriptor?? [ 1480.653440][T17796] CIFS: Unable to determine destination address [ 1480.994194][ T5240] hso 2-1:0.0: Failed to find BULK IN ep [ 1481.350828][ T25] usb 2-1: USB disconnect, device number 43 [ 1481.880113][T17807] loop0: detected capacity change from 0 to 128 [ 1483.872242][T17805] loop2: detected capacity change from 0 to 32768 [ 1483.915885][T17819] loop0: detected capacity change from 0 to 24 [ 1485.582232][T16499] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1485.598153][T16499] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1485.609821][T16499] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1485.683201][T16499] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1485.697302][T16499] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1485.713867][T16499] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1486.290671][T17838] loop0: detected capacity change from 0 to 128 [ 1486.528081][T17838] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 1486.811866][T17838] FAT-fs (loop0): error, clusters badly computed (0 != 1) [ 1486.819561][T17838] FAT-fs (loop0): Filesystem has been set read-only [ 1486.988736][T17838] FAT-fs (loop0): error, clusters badly computed (1 != 2) [ 1487.059273][T17838] FAT-fs (loop0): error, clusters badly computed (2 != 3) [ 1487.144853][T17838] FAT-fs (loop0): error, clusters badly computed (3 != 4) [ 1487.184355][T17838] FAT-fs (loop0): error, clusters badly computed (4 != 5) [ 1487.333657][T17838] FAT-fs (loop0): error, clusters badly computed (5 != 6) [ 1487.381860][T17838] FAT-fs (loop0): error, clusters badly computed (6 != 7) [ 1487.410089][T17838] FAT-fs (loop0): error, clusters badly computed (7 != 8) [ 1487.442609][T17838] FAT-fs (loop0): error, clusters badly computed (8 != 9) [ 1487.490322][T17838] FAT-fs (loop0): error, clusters badly computed (9 != 10) [ 1487.522851][T17838] FAT-fs (loop0): error, clusters badly computed (10 != 11) [ 1487.543434][T17838] FAT-fs (loop0): error, clusters badly computed (11 != 12) [ 1487.614680][T17838] FAT-fs (loop0): error, clusters badly computed (12 != 13) [ 1487.688493][T17838] FAT-fs (loop0): error, clusters badly computed (13 != 14) [ 1487.709241][T17838] FAT-fs (loop0): error, clusters badly computed (14 != 15) [ 1487.728584][T17838] FAT-fs (loop0): error, clusters badly computed (15 != 16) [ 1487.817856][T17838] FAT-fs (loop0): error, clusters badly computed (16 != 17) [ 1487.854216][T17838] FAT-fs (loop0): error, clusters badly computed (17 != 18) [ 1487.902913][ C1] ===================================================== [ 1487.910322][ C1] BUG: KMSAN: uninit-value in nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 1487.918815][ C1] nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 1487.924707][ C1] nf_send_reset6+0xd84/0x15b0 [ 1487.929718][ C1] nft_reject_inet_eval+0x3c1/0x880 [ 1487.935302][ C1] nft_do_chain+0x438/0x22a0 [ 1487.940127][ C1] nft_do_chain_inet+0x41a/0x4f0 [ 1487.945380][ C1] nf_hook_slow+0xf4/0x400 [ 1487.950018][ C1] ip6_input+0x2fe/0x430 [ 1487.954666][ C1] ip6_rcv_finish+0x617/0x970 [ 1487.959565][ C1] ipv6_rcv+0xde/0x390 [ 1487.963938][ C1] __netif_receive_skb+0x1da/0xa00 [ 1487.969312][ C1] process_backlog+0x4ad/0xa50 [ 1487.974491][ C1] __napi_poll+0xe7/0x980 [ 1487.979072][ C1] net_rx_action+0xa5a/0x19b0 [ 1487.984108][ C1] handle_softirqs+0x1ce/0x800 [ 1487.989126][ C1] __do_softirq+0x14/0x1a [ 1487.993761][ C1] do_softirq+0x9a/0x100 [ 1487.998253][ C1] __local_bh_enable_ip+0x9f/0xb0 [ 1488.003749][ C1] __dev_queue_xmit+0x2692/0x5610 [ 1488.009038][ C1] neigh_resolve_output+0x9ca/0xae0 [ 1488.014710][ C1] ip6_finish_output2+0x2347/0x2ba0 [ 1488.020142][ C1] ip6_finish_output+0xbb8/0x14b0 [ 1488.025538][ C1] ip6_output+0x356/0x620 [ 1488.030118][ C1] ip6_xmit+0x1ba6/0x25d0 [ 1488.035182][ C1] inet6_csk_xmit+0x442/0x530 [ 1488.042032][ C1] __tcp_transmit_skb+0x3b07/0x4880 [ 1488.047481][ C1] tcp_connect+0x35b6/0x7130 [ 1488.052454][ C1] tcp_v6_connect+0x1bcc/0x1e40 [ 1488.057685][ C1] __inet_stream_connect+0x2ef/0x1730 [ 1488.063417][ C1] inet_stream_connect+0x6a/0xd0 [ 1488.068633][ C1] __sys_connect+0x606/0x690 [ 1488.073559][ C1] __x64_sys_connect+0x91/0xe0 [ 1488.078563][ C1] x64_sys_call+0x27a5/0x3ba0 [ 1488.083634][ C1] do_syscall_64+0xcd/0x1e0 [ 1488.088380][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1488.094641][ C1] [ 1488.097089][ C1] Uninit was stored to memory at: [ 1488.098107][T17831] chnl_net:caif_netlink_parms(): no params data found [ 1488.102477][ C1] nf_reject_ip6_tcphdr_put+0x60c/0x6c0 [ 1488.115126][ C1] nf_send_reset6+0xd84/0x15b0 [ 1488.120222][ C1] nft_reject_inet_eval+0x3c1/0x880 [ 1488.125865][ C1] nft_do_chain+0x438/0x22a0 [ 1488.130725][ C1] nft_do_chain_inet+0x41a/0x4f0 [ 1488.135973][ C1] nf_hook_slow+0xf4/0x400 [ 1488.140613][ C1] ip6_input+0x2fe/0x430 [ 1488.145213][ C1] ip6_rcv_finish+0x617/0x970 [ 1488.150098][ C1] ipv6_rcv+0xde/0x390 [ 1488.154629][ C1] __netif_receive_skb+0x1da/0xa00 [ 1488.160015][ C1] process_backlog+0x4ad/0xa50 [ 1488.165130][ C1] __napi_poll+0xe7/0x980 [ 1488.169705][ C1] net_rx_action+0xa5a/0x19b0 [ 1488.174919][ C1] handle_softirqs+0x1ce/0x800 [ 1488.179947][ C1] __do_softirq+0x14/0x1a [ 1488.184667][ C1] [ 1488.187116][ C1] Uninit was stored to memory at: [ 1488.192595][ C1] nf_reject_ip6_tcphdr_put+0x2ca/0x6c0 [ 1488.198389][ C1] nf_send_reset6+0xd84/0x15b0 [ 1488.203475][ C1] nft_reject_inet_eval+0x3c1/0x880 [ 1488.208920][ C1] nft_do_chain+0x438/0x22a0 [ 1488.213987][ C1] nft_do_chain_inet+0x41a/0x4f0 [ 1488.219159][ C1] nf_hook_slow+0xf4/0x400 [ 1488.223936][ C1] ip6_input+0x2fe/0x430 [ 1488.228414][ C1] ip6_rcv_finish+0x617/0x970 [ 1488.233453][ C1] ipv6_rcv+0xde/0x390 [ 1488.237814][ C1] __netif_receive_skb+0x1da/0xa00 [ 1488.243368][ C1] process_backlog+0x4ad/0xa50 [ 1488.248412][ C1] __napi_poll+0xe7/0x980 [ 1488.253061][ C1] net_rx_action+0xa5a/0x19b0 [ 1488.257992][ C1] handle_softirqs+0x1ce/0x800 [ 1488.263083][ C1] __do_softirq+0x14/0x1a [ 1488.267676][ C1] [ 1488.270161][ C1] Uninit was created at: [ 1488.274829][ C1] kmem_cache_alloc_node_noprof+0x6bf/0xb80 [ 1488.280964][ C1] kmalloc_reserve+0x13d/0x4a0 [ 1488.286068][ C1] __alloc_skb+0x363/0x7b0 [ 1488.290719][ C1] nf_send_reset6+0x98d/0x15b0 [ 1488.295877][ C1] nft_reject_inet_eval+0x3c1/0x880 [ 1488.301380][ C1] nft_do_chain+0x438/0x22a0 [ 1488.306189][ C1] nft_do_chain_inet+0x41a/0x4f0 [ 1488.311583][ C1] nf_hook_slow+0xf4/0x400 [ 1488.316224][ C1] ip6_input+0x2fe/0x430 [ 1488.320688][ C1] ip6_rcv_finish+0x617/0x970 [ 1488.325916][ C1] ipv6_rcv+0xde/0x390 [ 1488.330209][ C1] __netif_receive_skb+0x1da/0xa00 [ 1488.335723][ C1] process_backlog+0x4ad/0xa50 [ 1488.340789][ C1] __napi_poll+0xe7/0x980 [ 1488.345537][ C1] net_rx_action+0xa5a/0x19b0 [ 1488.350557][ C1] handle_softirqs+0x1ce/0x800 [ 1488.355727][ C1] __do_softirq+0x14/0x1a [ 1488.360295][ C1] [ 1488.362966][ C1] CPU: 1 UID: 0 PID: 17855 Comm: syz.2.5304 Not tainted 6.11.0-rc7-syzkaller-00135-gb7718454f937 #0 [ 1488.374048][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1488.384920][ C1] ===================================================== [ 1488.392172][ C1] Disabling lock debugging due to kernel taint [ 1488.398473][ C1] Kernel panic - not syncing: kmsan.panic set ... [ 1488.405062][ C1] CPU: 1 UID: 0 PID: 17855 Comm: syz.2.5304 Tainted: G B 6.11.0-rc7-syzkaller-00135-gb7718454f937 #0 [ 1488.417593][ C1] Tainted: [B]=BAD_PAGE [ 1488.421886][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1488.432132][ C1] Call Trace: [ 1488.435571][ C1] [ 1488.438563][ C1] dump_stack_lvl+0x216/0x2d0 [ 1488.443505][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1488.449596][ C1] dump_stack+0x1e/0x30 [ 1488.453998][ C1] panic+0x4e2/0xcd0 [ 1488.458355][ C1] ? kmsan_get_metadata+0x81/0x1c0 [ 1488.464027][ C1] kmsan_report+0x2c7/0x2d0 [ 1488.468808][ C1] ? kmsan_metadata_is_contiguous+0x1c0/0x1e0 [ 1488.475137][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1488.481556][ C1] ? __msan_warning+0x95/0x120 [ 1488.486991][ C1] ? nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 1488.492981][ C1] ? nf_send_reset6+0xd84/0x15b0 [ 1488.498162][ C1] ? nft_reject_inet_eval+0x3c1/0x880 [ 1488.503780][ C1] ? nft_do_chain+0x438/0x22a0 [ 1488.508771][ C1] ? nft_do_chain_inet+0x41a/0x4f0 [ 1488.514107][ C1] ? nf_hook_slow+0xf4/0x400 [ 1488.519787][ C1] ? ip6_input+0x2fe/0x430 [ 1488.524427][ C1] ? ip6_rcv_finish+0x617/0x970 [ 1488.529494][ C1] ? ipv6_rcv+0xde/0x390 [ 1488.533946][ C1] ? __netif_receive_skb+0x1da/0xa00 [ 1488.539583][ C1] ? process_backlog+0x4ad/0xa50 [ 1488.544786][ C1] ? __napi_poll+0xe7/0x980 [ 1488.549614][ C1] ? net_rx_action+0xa5a/0x19b0 [ 1488.554940][ C1] ? handle_softirqs+0x1ce/0x800 [ 1488.560412][ C1] ? __do_softirq+0x14/0x1a [ 1488.565151][ C1] ? do_softirq+0x9a/0x100 [ 1488.569906][ C1] ? __local_bh_enable_ip+0x9f/0xb0 [ 1488.575406][ C1] ? __dev_queue_xmit+0x2692/0x5610 [ 1488.580963][ C1] ? neigh_resolve_output+0x9ca/0xae0 [ 1488.587975][ C1] ? ip6_finish_output2+0x2347/0x2ba0 [ 1488.594010][ C1] ? ip6_finish_output+0xbb8/0x14b0 [ 1488.599530][ C1] ? ip6_output+0x356/0x620 [ 1488.604297][ C1] ? ip6_xmit+0x1ba6/0x25d0 [ 1488.609069][ C1] ? inet6_csk_xmit+0x442/0x530 [ 1488.614312][ C1] ? __tcp_transmit_skb+0x3b07/0x4880 [ 1488.619952][ C1] ? tcp_connect+0x35b6/0x7130 [ 1488.624944][ C1] ? tcp_v6_connect+0x1bcc/0x1e40 [ 1488.630214][ C1] ? __inet_stream_connect+0x2ef/0x1730 [ 1488.636051][ C1] ? inet_stream_connect+0x6a/0xd0 [ 1488.641474][ C1] ? __sys_connect+0x606/0x690 [ 1488.646482][ C1] ? __x64_sys_connect+0x91/0xe0 [ 1488.651666][ C1] ? x64_sys_call+0x27a5/0x3ba0 [ 1488.656765][ C1] ? do_syscall_64+0xcd/0x1e0 [ 1488.661711][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1488.668081][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1488.674435][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.679920][ C1] ? kmsan_metadata_is_contiguous+0x66/0x1e0 [ 1488.686188][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.691680][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1488.697831][ C1] ? csum_partial+0x45e/0x4b0 [ 1488.702746][ C1] __msan_warning+0x95/0x120 [ 1488.707662][ C1] nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 1488.713483][ C1] nf_send_reset6+0xd84/0x15b0 [ 1488.718530][ C1] nft_reject_inet_eval+0x3c1/0x880 [ 1488.723979][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.729549][ C1] ? __pfx_nft_reject_inet_eval+0x10/0x10 [ 1488.735526][ C1] nft_do_chain+0x438/0x22a0 [ 1488.740588][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.746020][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.751517][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.756933][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1488.763014][ C1] nft_do_chain_inet+0x41a/0x4f0 [ 1488.768169][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 1488.773853][ C1] nf_hook_slow+0xf4/0x400 [ 1488.778486][ C1] ip6_input+0x2fe/0x430 [ 1488.782919][ C1] ? __pfx_ip6_input_finish+0x10/0x10 [ 1488.788496][ C1] ? __pfx_ip6_input+0x10/0x10 [ 1488.793483][ C1] ip6_rcv_finish+0x617/0x970 [ 1488.799376][ C1] ipv6_rcv+0xde/0x390 [ 1488.803675][ C1] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 1488.809149][ C1] __netif_receive_skb+0x1da/0xa00 [ 1488.814510][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.819956][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1488.826469][ C1] process_backlog+0x4ad/0xa50 [ 1488.832083][ C1] ? __pfx_process_backlog+0x10/0x10 [ 1488.837725][ C1] __napi_poll+0xe7/0x980 [ 1488.842288][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.847933][ C1] net_rx_action+0xa5a/0x19b0 [ 1488.852863][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.858290][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1488.864369][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 1488.869729][ C1] handle_softirqs+0x1ce/0x800 [ 1488.874739][ C1] __do_softirq+0x14/0x1a [ 1488.879258][ C1] do_softirq+0x9a/0x100 [ 1488.883804][ C1] [ 1488.886854][ C1] [ 1488.889901][ C1] __local_bh_enable_ip+0x9f/0xb0 [ 1488.895154][ C1] __dev_queue_xmit+0x2692/0x5610 [ 1488.900527][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1488.906590][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.912043][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1488.918106][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.923516][ C1] ? __dev_queue_xmit+0x352/0x5610 [ 1488.928870][ C1] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 1488.935357][ C1] neigh_resolve_output+0x9ca/0xae0 [ 1488.940790][ C1] ? __pfx_eth_header+0x10/0x10 [ 1488.945907][ C1] ? __pfx_neigh_resolve_output+0x10/0x10 [ 1488.951974][ C1] ip6_finish_output2+0x2347/0x2ba0 [ 1488.957498][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1488.963135][ C1] ip6_finish_output+0xbb8/0x14b0 [ 1488.968410][ C1] ip6_output+0x356/0x620 [ 1488.972966][ C1] ? __pfx_ip6_finish_output+0x10/0x10 [ 1488.978672][ C1] ? __pfx_ip6_output+0x10/0x10 [ 1488.983768][ C1] ? __pfx_ip6_output+0x10/0x10 [ 1488.988835][ C1] ip6_xmit+0x1ba6/0x25d0 [ 1488.993390][ C1] ? __pfx_dst_output+0x10/0x10 [ 1488.998510][ C1] inet6_csk_xmit+0x442/0x530 [ 1489.003450][ C1] ? __pfx_inet6_csk_xmit+0x10/0x10 [ 1489.008868][ C1] __tcp_transmit_skb+0x3b07/0x4880 [ 1489.014297][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1489.019717][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1489.025795][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1489.031893][ C1] tcp_connect+0x35b6/0x7130 [ 1489.036691][ C1] ? tcp_fastopen_defer_connect+0x65/0x430 [ 1489.042798][ C1] tcp_v6_connect+0x1bcc/0x1e40 [ 1489.047839][ C1] ? tomoyo_check_inet_address+0x9a6/0xa60 [ 1489.053862][ C1] ? __pfx_tcp_v6_connect+0x10/0x10 [ 1489.059233][ C1] __inet_stream_connect+0x2ef/0x1730 [ 1489.064847][ C1] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 1489.071392][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1489.076804][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1489.082835][ C1] ? __local_bh_enable_ip+0x74/0xb0 [ 1489.089235][ C1] ? _raw_spin_unlock_bh+0x2d/0x40 [ 1489.094552][ C1] ? lock_sock_nested+0x1de/0x200 [ 1489.099775][ C1] inet_stream_connect+0x6a/0xd0 [ 1489.104946][ C1] __sys_connect+0x606/0x690 [ 1489.109765][ C1] ? kmsan_get_metadata+0x13e/0x1c0 [ 1489.115234][ C1] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 1489.121821][ C1] ? __pfx_inet_stream_connect+0x10/0x10 [ 1489.127728][ C1] __x64_sys_connect+0x91/0xe0 [ 1489.132715][ C1] x64_sys_call+0x27a5/0x3ba0 [ 1489.137629][ C1] do_syscall_64+0xcd/0x1e0 [ 1489.142374][ C1] ? clear_bhb_loop+0x25/0x80 [ 1489.147287][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1489.153429][ C1] RIP: 0033:0x7f372077def9 [ 1489.157996][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1489.177818][ C1] RSP: 002b:00007f37214cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1489.186431][ C1] RAX: ffffffffffffffda RBX: 00007f3720935f80 RCX: 00007f372077def9 [ 1489.194653][ C1] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 1489.202804][ C1] RBP: 00007f37207f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 1489.210922][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1489.219042][ C1] R13: 0000000000000000 R14: 00007f3720935f80 R15: 00007fffcb1f0e88 [ 1489.227206][ C1] [ 1489.230588][ C1] Kernel Offset: disabled [ 1489.234994][ C1] Rebooting in 86400 seconds..